The threat was highlighted in a speech prepared for David Vigneault, the CSIS director, earlier this year and obtained by the Star under an access-to-information request.
Experts say while the threat of terrorism and violent extremism hasn’t gone away, threats related to cyberespionage and data exfiltration are growing.“That’s the one, I think, that CSIS is most seized with right now,” says Stephanie Carvin, a Carleton University professor and national security expert.A speech was prepared for Vigneault in February in advance of his attendance at the Joint Operations Symposium, which gathered members of the Canadian Armed Forces, the Department of National Defence and federal government in Ottawa to discuss global threats to national security.
The speech was not ultimately delivered, but CSIS confirmed its contents remain valid.
According to the speech, while violent extremism remains a “primary” concern for CSIS, the agency is “increasingly focusing efforts on investigating threats posed by those seeking to undermine Canada’s democratic values and institutions, and our economic prosperity.”
“In the past hostile state actors primarily targeted government secrets and military research and development. Today’s adversaries, however, are also targeting valuable national assets, such as highly sensitive commercial information, while attempting to undermine our democratic institutions,” the speech said.
“Information targeted by today’s hostile state actors includes intellectual property and large digital data sets held by our private sector and academic partners, all in an effort to gain economic and technological — and therefore political — advantages over western democracies.”Asked to elaborate, CSIS spokesperson John Townsend told the Star that as our daily lives become increasingly digital, there is a growing availability of “personally identifiable information.”“Large data sets of personally identifiable information can provide a detailed picture of the day-to-day activities of the individuals and organizations from which it originated and hold high strategic value for adversaries who wish to collect information on individuals within Western democracies,” Townsend said in an email.
Townsend identified China and Russia as among the state actors targeting Canadian industry and academic institutions. How state actors gain access to sensitive data can take many forms, he said, ranging from recruiting spies to cyberespionage to investing in Canadian businesses. Christopher Parsons, a senior research associate with The Citizen Lab at the University of Toronto’s Munk School of Global Affairs, agreed the bulk acquisition of data sets is becoming an increasingly pressing issue as adversaries target data sets that are the “Crown jewels” of public and private organizations.
When it comes to intellectual property, just think about research laboratories racing to find a COVID-19 vaccine, he said. In July, Canada’s Communications Security Establishment warned in a bulletin that Russian agents were targeting Canadian, British and U.S. organizations involved in COVID-19 vaccine research.
“These malicious cyber activities were very likely undertaken to steal information and intellectual property relating to the development and testing of COVID-19 vaccines, and serve to hinder response efforts at a time when health care experts and medical researchers need every available resource to help fight the pandemic,” the bulletin said.
When it comes to personal information, acquisition of bulk data sets can help identify people working as intelligence officers for the government, influential people inside private companies or top scientists at academic institutions, Parsons said. When those data sets are compared against other information, they can be used to build profiles of those individuals and identify weaknesses or “pressure points,” such as medical conditions or financial problems, that can be exploited.
Maybe there’s an academic who hasn’t been able to get grants in a while. Adversaries might stealthily offer state-backed funding to the person in exchange for their help, he said. Or maybe a person has a rare disease and can’t get treatment in Canada. A hostile actor might arrange for treatment for that person in another part of the world.
Earlier this year, the U.S. Justice Department announced indictments against four members of China’s People’s Liberation Army accused of hacking into the databases of credit-reporting agency Equifax and obtaining the names, birthdates and social security numbers of nearly half of all U.S. citizens.U.S. Attorney General William Barr at the time noted this was just the latest in a series of alleged incursions by China. In 2015, for instance, U.S. officials accused Chinese government hackers of breaching the computer system of the U.S. government’s Office of Personnel Management, which contains the information of millions of federal employees.
Decade of Chinese RATs. This new research adds to that concern, claiming that a concerted effort involving five Chinese advanced persistent threat (APT) groups has been focused on the Linux servers that "comprise the backbone of the majority of large data centers responsible for the some of the most sensitive enterprise network operations."
Canada’s spy agency is rethinking its role amid a growing demand for intelligence and increased threats
Canada’s spy service moving quietly ahead with data-crunching plans, documents show
Canada’s domestic spy agency looking to hire hackers and data scientistsIn 2018, U.S. Justice Department officials announced charges against two Chinese men accused of waging a years-long campaign targeting managed service providers — companies that remotely manage the IT infrastructure of governments and businesses around the world, including their servers and storage systems. Affected companies spanned 12 countries, including Canada, and belonged to an array of sectors, including aviation, banking, telecommunications, consumer electronics, biotechnology and mining.The lengthy operation speaks to what the director general of Britain’s domestic intelligence agency, MI5, said recently when he compared Russia to bad weather and China to climate change, Parsons said.
“Russia is very active but sporadic, whereas China is more professionally resourced and willing to take more time.”
Townsend, the CSIS spokesperson, said the agency has been working with the private sector and academic partners to help them better understand the nature of the threat, “which, in turn, allows them to develop and implement the necessary mitigations to protect themselves from these threats.”
But Parsons said much of the threat intelligence is watered down so it can be presented to people who don’t have security clearances, which can make it difficult for companies or institutions to know exactly what action to take.
Sometimes, mitigation measures come too late, Parsons added. He likened it to the Titanic hitting the iceberg and under-appreciating the size of the chunk of ice that had torn the ship below the surface of the water.
DQDouglas Quan is a Vancouver-based reporter for the Star. Follow him on Twitter: @dougquan
Read more about:
Report an errorJournalistic Standards
About The Spec