You are using an older browser version. Please use a supported version for the best MSN experience.

Russian cyber threat to Canada worse than previously reported: CSE

National Post logo National Post 2022-07-14 Anja Karadeglija
Communications Security Establishment (CSE) headquarters in Ottawa. © Provided by National Post Communications Security Establishment (CSE) headquarters in Ottawa.
Replay Video

Russia’s cyber operations following its invasion of Ukraine have “almost certainly” been more extensive than what has been publicly reported, and Canada is among the targets, the Communications Security Establishment said.

The CSE’s Canadian Centre for Cybersecurity said in a threat bulletin issued Thursday “the scope and severity of cyber operations related to the Russian invasion of Ukraine has almost certainly been more sophisticated and widespread than has been reported in open sources.”

Christopher Parsons, a senior researcher at University of Toronto’s Citizen Lab, said the CSE’s warning should be taken seriously. “Anyone who has critical infrastructure under their control, or is interfacing with it, needs to take what they’re saying seriously. They’re not in the habit of trying to spook Canadians.”

Stephanie Carvin, an associate professor of international relations at Carleton University, said “CSE is trying to flag-wave here to a certain extent and show that there is an increased risk to Canadian infrastructure.”

The agency warned Russia is “in the process of developing cyber capabilities against targets” in the E.U. and NATO, including Canada.

Just prior to Russia’s invasion of Ukraine, the CSE warned Russia could target Canadian critical infrastructure. It said since then, its cybersecurity centre has reached out to critical infrastructure sectors in Canada to “reinforce the need to enhance vigilance and follow Cyber Centre advice.”

Video: Cybersecurity firm discusses one of the 'changing pieces' it has seen in the last several months (CNBC)

Cybersecurity firm discusses one of the 'changing pieces' it has seen in the last several months

The threats flagged by CSE Thursday include spying by Russian-backed actors, who have “almost certainly increased cyberespionage targeting of North Atlantic Treaty Organization (NATO) countries in response to NATO’s support for Ukraine.”

Carvin said Russia wants to know what the intentions of Western countries are. “They want to know what our plans are. They want to know our diplomatic coordination. They want to know if more sanctions are coming. They want to know what military equipment we’re talking about sending Ukraine and they want to know our discussions with Ukraine as well,” she explained.

That’s in addition to Russia’s main focus targeting Ukraine itself, where Russia has “sought to degrade, disrupt, destroy, or discredit Ukrainian government, military and economic functions, secure footholds in critical infrastructure, and to reduce the Ukrainian public’s access to information,” CSE said.

In 2020, CSE said it was very likely state-sponsored actors were developing the capabilities to disrupt critical infrastructure in Canada, citing the electricity supply as an example. The agency said at the time that it was very unlikely they would “intentionally seek to disrupt Canadian critical infrastructure and cause major damage or loss of life in the absence of international hostilities.”

Carvin noted that “short of conflict, they didn’t think it would be likely, but the fact is, there’s now a conflict.”

We don’t know to what extent the situation has changed with Russia’s invasion of Ukraine, Parsons said. “Obviously, Canada is involved, not directly, but very closely and adjacently, to the hostilities between Ukraine and Russia at the moment, so it remains unclear to me what exactly CSE’s formal risk assessment is at the moment,” he said. “Is it batten down the hatches?”

Canada saw a big interruption to its critical infrastructure last Friday, when a service outage at Rogers caused millions to lose internet and wireless service and shut down Interac debit payments across the country. Parsons said both the government and Rogers have said the interruption was not due to an attack. “So at least to date, there is no indication that this was anything other than an incredibly unfortunate” update to Rogers systems, he said.

In Thursday’s bulletin, CSE strongly encouraged organizations in critical sectors to report “compromises or potential compromises,” noting that the “lack of incident reporting remains a challenge.”

Carvin said in issuing the bulletin, the CSE isn’t warning of a cyberwar, but is trying to encourage Canadian companies to boost their cyber defences, and to encourage companies to go to the agency if they’re hacked.

In June, the Liberal government introduced legislation that would put new obligations on operators in the federally regulated telecom, finance, transport and energy sectors to ensure cybersecurity of their systems, including to report incidents to the CSE.

The national security experts said the CSE’s report is important in stating there is a cyber side of the conflict in Ukraine, which hasn’t always been visible. Parsons said it “perhaps lays to rest the public discussion of ‘where is the cyber’ in the war.”

Carvin said the CSE is “trying to say there’s a lot more cyber activity here than maybe what a lot of people believe.”


More from National Post

image beaconimage beaconimage beacon