Cyberdefense flaws expose government information to state-sponsored theft: report
Gaps in Ottawa’s cyber defenses could leave government agencies holding vast amounts of data about Canadians and businesses vulnerable to state-sponsored hackers from countries like China and Russia, according to a new report from the Parliamentary Committee on security and intelligence.
Their report, tabled Monday night in the House of Commons, shows that past mistakes have allowed state-sponsored actors to infiltrate and steal government information over the past decade.
“Cyber threats to government systems and networks pose a significant risk to national security and the continuity of government operations,” the National Security and Intelligence Committee of Parliamentarians report said.
The committee’s study looked at the three main players in Canada’s cyber defense shield: the Treasury Board Secretariat, which oversees federal government spending and operations; Shared Services Canada, the agency that provides IT services across all federal departments; and the Communications Security Establishment, the country’s foreign signals intelligence agency.
The report says that after suffering major attacks, the government has put in place strong cyber defense systems. But it found discrepancies in how these systems are applied.
The report says Treasury Board policies aimed at securing government systems are not being applied evenly across the federal family.
Crown corporations and organizations known as “government interests” – such as airport authorities – are known targets for state actors, but do not fall under Treasury Board guidelines or policies on cybersecurity, the committee said.
Liberal MP David McGuinty, chair of the committee, said some departments were not using all the protections available to them, while other organizations refused protection.
“It not only puts them, their data, their processes or their systems at risk, but it puts the whole of government at risk because it becomes, as we say in the report, a weak link,” he said.
“With persistent threat actors out there very aggressively and non-stop targeting the federal government of Canada, we just need to up our game here.”
The report said China and Russia are the most sophisticated cyber threat actors targeting the government, while Iran and North Korea have “moderately sophisticated” capabilities.
Intellectual property, advanced research already stolen
A year-long attack by China while Stephen Harper was prime minister served as a “wake-up call” for the federal government, the report said.
Between August 2010 and August 2011, China targeted 31 departments and eight suffered “severe compromises”, according to the report.
“There has been considerable information loss, including email communications from senior government officials, massive exfiltration of information from multiple departments, including briefing notes, strategy documents and secret information, as well as password and file system data,” the report said.
In 2014, a Chinese state-sponsored actor managed to compromise the National Research Council.
“The theft included intellectual property, advanced research, and proprietary business information of NRC partners. China also leveraged its access to the NRC network to infiltrate a number of government organizations,” the report said.
The cost of mitigating the damage from this attack was estimated to be over $100 million.
“It’s pretty damn expensive to deal with cyber knocks and cyber attacks,” McGuinty said.
“If we’re not able to increase our overall protection by improving coverage, by bringing more people into the perimeter, I think it’s fair to say there will be considerable costs.”
The NSICOP committee recommended that the government apply Treasury Board cyber defense policies equally to all departments and agencies and extend these policies to all federal organizations, including small organizations and Crown corporations.
It also recommends that the government extend CSE’s advanced cyber defense services to all federal organizations.
The Treasury Board of Canada Secretariat said it will review its policies to ensure cyber defenses are applied equally across all departments and agencies “to the extent possible.”
An unredacted version of the report was sent to Prime Minister Justin Trudeau over the summer.
The report was completed around the time Tory MPs decided to boycott the committee in protest at the Liberal government’s refusal to hand over unredacted documents related to the firing of two scientists from Canada’s most secure lab.