Last year, Canada’s Cyber Espionage Agency blocked an average of 6.3 billion “malicious acts” against the federal government every day, with new ministerial approval to conduct more aggressive overseas cyber operations than ever before. revealed in a report.
Communications Security Agencies as criminals, hackers and hostile state actors seek to exploit Canada’s vulnerabilities in an ever-evolving online environment, from Prime Minister Justin Trudeau’s website down to more nefarious purposes. (CSE) new report shows an increase in efforts made last year.
according to CSE Annual Report Released Thursdaythe agency’s automated defenses protected the federal government from 2.3 trillion “malicious acts,” equivalent to an average of 6.3 billion per day.
The CSE, which leads the federal government’s cybersecurity operations, aims to counter hostile state activity, cybercrime, and disrupt foreign adversaries by conducting foreign intelligence operations, active and defensive cyber operations, and It is obligated to focus on helping federal partners to protect themselves against cyber threats.
Last year, with the approval of Defense Minister Anita Anand, the CSE obtained permission to conduct one defense operation and three operational operations. It was the most active activity since the Communications Security Establishment Act came into force in 2019.
While the CSE has provided few specific details about the content of these operations, the report noted this year that it “intercepts harmful terrorist content disseminated online by foreign ideologically motivated extremists, It points out that it carried out an aggressive cyber operation to “delete it.”
“The turmoil has broken the cohesion of the militant group and significantly reduced its online reach and ability to recruit new members,” officials said in a report.
More broadly, over the past four years, agencies have countered hostile state activity, countered cybercrime, and also conducted aggressive cyber operations to support the Canadian military. These foreign cyber operations permits are valid for up to one year and allow CSEs to: Multiple operations can be performed under a single authorization, but some operations are “preventative” and may not be resolved by the action taken.
CSE Director Caroline Xavier said: “As always, there are parts of our activity that we cannot share in our public reports. We have not identified specific targets for signal intelligence gathering or foreign cyber operations. is confidential,” he said. Described in a non-confidential summary of agency operations from April 1, 2022 to March 31, 2023.
The increase in active activities follows a $273.7 million increase in the federal budget for 2022 intended to strengthen CSE’s ability to conduct overseas operations for years to come. be.
As the report notes, all activities conducted by CSE’s more than 3,200 staff are subject to external review by the National Security Intelligence Review Agency (NSIRA) and the National Security Intelligence Parliamentary Committee (NSICOP). Be eligible.
What about foreign interference?
Thursday’s report made it clear that foreign countries “seek to influence and interfere with Canadian society and democracy” in a variety of ways, including espionage and online disinformation.
While the report does not draw a direct line between China and foreign election interference, as has been the focus of federal politicians’ attention in recent months, the CSE denounces China’s divisive intimidation tactics. .
Canadian Security Intelligence Agency Director David Vigneaux (left to right), Royal Canadian Mounted Police Deputy Commissioner Michael Duheme, Communications Security Director Caroline Xavier, and Canadian Security Intelligence Agency Operations Deputy Director Michel Tessier. A committee on Parliament Hill, Ottawa, Thursday, March 2, 2023, discussing where to sit before attending proceedings and House issues.Canadian Press Agency/Adrian Wilde
Canadian Security Intelligence Agency Director David Vigneaux (left to right), Royal Canadian Mounted Police Deputy Commissioner Michael Duheme, Communications Security Director Caroline Xavier, and Canadian Security Intelligence Agency Operations Deputy Director Michel Tessier. A committee on Parliament Hill, Ottawa, Thursday, March 2, 2023, discussing where to sit before attending proceedings and House issues.Canadian Press Agency/Adrian Wilde
“Authoritarian states use a variety of means to monitor and intimidate diasporic populations around the world, including in Canada. problem,” the report said.
CSE provided little detail on what the mitigation measures would look like, other than to say that the CSE is “working with global and federal partners to mitigate the risks posed by these cross-border repression activities.” has not been shared, but outlined a series of ways in which the CSE claims to support Canada’s efforts. foreign interference.
These include:
- Providing foreign signal information regarding the intentions, capabilities and activities of foreign-based attackers to Canadian government decision makers.
- Protect Canada’s federal election infrastructure from malicious cyber activity.
- Actively support democratic institutions in improving their cybersecurity.
- Share unclassified threat assessments with the public.and
- We share information to help Canadians identify false information and protect their online privacy and security.
As part of a series of measures aimed at allaying concerns about the strength of Canada’s intuition in the face of foreign interference, Prime Minister Trudeau said in March that he would use the NSCOP and NSIRA to plan for the 2019 and 2021 elections and We have initiated an external review of the responses of government agencies, including CSE.
In a report on Thursday, the agency said it was providing information to those oversight bodies and confirmed its participation in the work done by former special rapporteur David Johnston.
A member of the Security and Information Threats to Elections (SITE) task force, which has engaged in the past two elections and the most recent federal by-election, a report Thursday said the CSE has created a dedicated point of contact for political parties to contact them online. He also pointed out that he installed Non-election security issues.
This channel is believed to have been used last spring when the CSE briefed parties on the increased risk of Russian-backed cyber threat activity following the invasion of Ukraine.
“Representatives from five political parties attended the briefing, which also included cybersecurity recommendations. The Cyber Center transmitted the briefing content to all 19 registered federal political parties,” the report said. ing.
The CSE has spent the last year exposing and trying to counter Russian disinformation social media activity, as well as “hostile cyber activity against Ukrainian national infrastructure” and “repairing network infrastructure to prevent hostile activity.” It has also helped Ukraine’s cybersecurity by informing them about “vulnerabilities.” Based on data actively shared with his CSE by Ukrainian authorities.
Common scams and critical infrastructure
In addition to CSE’s work to provide Canada with foreign intelligence on cyber threats, the agency’s “Cyber Center” provides industry and industry insight into emerging threats and tactics of nation-state actors and cybercriminals online, and how to protect themselves and their devices. It is also working to warn the Canadian public.
Hundreds of alerts were issued last year, ranging from routine cyber hygiene advice to emergency alerts.
A recent example is It was a warning notice in May Regarding the “significant threat from state-sponsored cyber attackers associated with the People’s Republic of China” targeting critical infrastructure.
Outreach to Canada’s critical infrastructure providers increased at last year’s CSE. This is because Internet-connected control systems used to operate key pieces of machines and processes are perceived as “high-value targets” for malicious actors. Or if the light is turned off, malfunction or permanent damage will occur.
In terms of how individuals are targeted, one area highlighted in the report is phishing emails and texts, which the CSE calls smishing, which collects personal and financial information and/or sends malware to Canadians’ devices. It contained links to obnoxious domains that tried to install
Working with partners, including those in the telecommunications sector, CSE reported receiving over 850,000 suspicious web links. Of these, 274,000 were malicious and 12,700 were previously unknown fraudulent activities.
Among the most common types of fraud reported to CSE last year were package fraud, health product fraud, survey fraud, and cryptocurrency investment fraud.
During the pandemic, CSE began an effort to remove websites and email domains that mimicked federal agencies, and has now expanded that effort to rid the Internet of other sources of malicious content.
Last year, over 3,167 Canadian government spoofs were blocked or removed, as were 306,000 other malicious domains.
Other key statistics highlighted in the report include that from 2022 to 2023, the CSE produced more than 3,000 foreign intelligence reports for the federal government, impacting federal agencies and critical infrastructure. This includes responding to over 2,000 cybersecurity incidents.
Anand said in the report that this should be “a wake-up call for all of us” as cyber-attackers step up their activity and the CSE issues more warnings.
“We must remain vigilant against the threats we face and work with all stakeholders, including partners around the world, to protect our common interests,” he said.
