#CyberFLASH: Former CSIS head says Canada should have its own cyber-warriors

richard-faddenCanada’s former top spymaster says the country’s military should have the legal authority and capability to not only defend itself, but also to go on the attack in cyberspace as well.

Richard Fadden, the former director of the Canadian Security Intelligence Service and the ex-national security adviser to prime ministers Stephen Harper and Justin Trudeau, says he’s argued in the past that the threat in the online world is as serious as terrorism in the physical world.

At the moment, the Canadian military’s nascent cyber capability is restricted from going on the offensive to protect itself. Documents obtained by CBC News show that National Defence appears to be struggling to develop even a defensive stance.

“If we are going to allow that we’re going to have Canadian Forces abroad and they are facing cyberattacks, either communications or other, I think it’s totally reasonable to think seriously about whether or not we should give them the capacity to reach out and suppress before they are used against them,” Fadden told CBC Radio’s The Current on Wednesday.

The issue is partially framed in the Liberals’ defence policy review statement, which asks the public what sort of role the military should play in the online battle space.

Debate over whether Western militaries should adopt an offensive, or defensive, posture in cyberspace has been raging for months, particularly in the halls of NATO. The military alliance struggled to come up with a clear, coherent policy in the aftermath of Russia’s annexation of Crimea.

Read more here

#CyberFLASH: Former CSIS director backs greater oversight

image-3

The former director of CSIS says he supports greater oversight of the nation’s security and intelligence agencies to ensure they are playing within the rules.

Prime Minister Justin Trudeau’s Liberal government has signalled its intention to set up an all-party, parliamentary oversight committee to watch over Canada’s national security agencies.

“Broadly speaking I think there’s something to be said for somebody, somewhere, having an overview,” said Richard Fadden, who retired about a month ago from his role as national security advisor to the prime minister, a job assigned to him by former prime minister Stephen Harper. Prior to that Fadden was the director of the Canadian Security Intelligence Service.

But in order for such a committee to function correctly, Fadden told CTV’s Question Period it would need to be given staff and provided with access to classified information, and integrated with various security agencies to ensure the committee members receive pertinent information when making decisions.

Liberal Government House Leader Dominic LeBlanc said Friday the government plans to “expeditiously” follow through on its pledge.

Read more here

#CyberFLASH: Canadians aren’t up for mass surveillance

mobile-securityWhen Ralph Goodale and David McGuinty headed to the UK and France last January to get ideas about overseeing national security issues in Canada, it seemed like an intelligent thing to do.

But did our public safety minister and his MP colleague go to the wrong place?

The Liberals, after all, are trying to amend Bill C-51, a controversial piece of anti-terrorism legislation that Canadians don’t like. No wonder. What’s to like about a government—sanctioned police state law?

Under Harper-era legislation, the Canadian Security Intelligence Service (CSIS) was empowered to operate outside the Charter of Rights, which gave it authority to violate citizens’ constitutional rights. And Canada’s cyber intelligence agency, the Communications Security Establishment (CSE) was allowed to conduct mass collection of information on Canadians without a specific target.

Based on their attitudes towards mass surveillance, Britain and France are hardly the countries to help Canada rein in the excesses of Bill C-51.

According to a YouGov survey of 15,000 people reported this week by Amnesty International, citizens of Britain, France and the Philippines were most comfortable with government eavesdropping. Britain was one of three countries out of 13 surveyed where more people favoured surveillance of all people — British citizens, foreigners, and foreign countries, than favoured monitoring none of them.

Read more here

#CyberFLASH: Canada’s spies expecting a budget boost

 

computer-laptop-keyboard-852OTTAWA—Canada’s spies are expecting a budget boost when the Liberals table their first fiscal plan next month, documents released Tuesday show.

The Canadian Security Intelligence Service (CSIS) and the Communications Security Establishment (CSE) have estimated an additional $95 million for intelligence and cyber defence operations next year.

The figures were released in the government’s main estimates document, a best-guess scenario for departments and agencies released a month before the Liberals table their first budget.

CSIS expects an additional $35.5 million “in support of Canada’s national security and the safety of Canadians.” A breakdown of CSIS budget — grouped vaguely into “intelligence” and “security screening” — shows most of the increase will go to intelligence operations.

CSE, the electronic spying and cyber defence agency, is expecting a net increase of $59.5 million “in support” of its mandate. Specifically, CSE expects to spend the money to increase its “capacity to address cyber threats and advancements in technology.”

Together, the two spy agencies estimate they’ll spend $1.2 billion in 2016-17, a slight increase compared to the 2015-16 estimates of $1.075 billion.

CSE spokesperson Lauri Sullivan said in a statementthat the funding will go to addressing several “key vulnerabilities” in government networks, as well as moving forward with the national Cyber Security Strategy.

“CSE’s mandate, including our unique skills in areas like cyber defence, are critical in advancing Canada’s national security priorities,” Sullivan wrote.

Read more here

#CyberFLASH: CSE can assist in ‘threat reduction’ without a warrant, documents show

csis.jpg.size.xxlarge.letterboxOTTAWA—Canada’s electronic spies can assist CSIS with the agency’s new mandate to disrupt security threats with little oversight from politicians or the courts, documents obtained by the Star show.

The Communications Security Establishment told Defence Minister Harjit Sajjan last November they can aid CSIS with new “threat reduction” efforts — a power granted to the agency under Bill C-51.

It’s not unusual for CSE to lend a hand to police or intelligence agencies; in addition to electronic espionage and cyber defence, assistance to law enforcement is one of the agency’s core mandates. But that assistance often requires a warrant.

But under C-51, CSIS can take action to reduce threats to national security without a warrant — so long as the agency’s efforts don’t violate Canadian law or charter rights. CSE confirmed that they do not necessarily need a court’s approval to assist CSIS in threat reduction.

The new power has opened the door for CSE to act as a “virtuous hacker” for CSIS, according to national security researcher Craig Forcese.

“This was the sleeper in C-51, because CSE is barely mentioned in C-51,” said Forcese, a vocal critic of the new terrorism law.

“CSE has been a watcher . . . . It has not been able to do things kinetically to people. But under the umbrella of CSIS assistance, it can now go kinetic.”

The power to reduce or “disrupt” threats to Canada’s national security was one of the most controversial aspects of the previous Conservative government’s anti-terrorism law.

Read more here

#CyberFLASH: There Has Been a ‘Sea Change’ in Privacy Rights in Canada, Warns Watchdog

Surveillance_610px

The man tasked with defending Canadians’ personal information, once decried as a government stooge, directly chastised the federal government over its efforts to track and surveil Canadians — and recommended that the new government put safeguards on how the government uses “big data” to spy on its citizens.

In his annual report, Daniel Therrien, the Privacy Commissioner of Canada, looked at three pieces of legislation that “taken together, these initiatives have resulted in what can only be described as a sea change for privacy rights in Canada.”

The first, C-44, allows Canadian spies to operate abroad and gives them more ability to obtain information without disclosing its origins; C-13, which creates new legal authority for cops and public servants to obtain Canadians’ personal data without a warrant; and C-51, the anti-terrorism legislation that opens the door for wide new intelligence-gathering and sharing.

All three bills, which are now law, were introduced by the Conservatives, but supported by the Liberals.

The Liberals have said they will change aspects of C-51, but have said little about the other two pieces of legislation.

In his report, released last week, Therrien recommended fixes for each bill — that the government include language to prevent CSIS from obtaining and using data that has been obtained through torture; that the law be updated to clarify when police are allowed to obtain Canadians’ data from their internet or cellphone companies without a warrant; and that legislation be introduced to toughen protections for Canadians’ privacy when departments want to share their information.

C-51 especially raised the ire of the commissioner.

Read more here

#CyberFLASH: Cyberattacks on infrastructure a ‘major threat,’ says CSIS chief

shutterstock_154242893-680x400The head of Canada’s main spy agency says he views the possibility of a cyberattack by ISIS or other extremist groups on the country’s “critical infrastructure” as “a major threat.”

“Cyber is one of our top priorities,” Michel Coulombe, director the Canadian Security Intelligence Service (CSIS) told an Ottawa news conference on Wednesday.

Coulombe was responding to questions after Britain announced it is nearly doubling funding for cyber counterterrorism amid fears ISIS is looking to target Western infrastructure such as hospitals, airports or power plants by using the internet.

He was flanked by RCMP Commissioner Bob Paulson and Ralph Goodale, Canada’s newly appointed minister of public safety.

“This is an area that I’m beginning to be further briefed on by the department,” Goodale told reporters, deferring to his deputy minister and CSIS.

Read more here

#CyberFLASH: Trudeau government putting new emphasis on cybersecurity

 

typing-image-genericThe neglected federal cybersecurity file made a surprising appearance in several of the ministerial mandate letters publicly released last week, buried under hot-topic campaign promises like the Syrian refugee project and the legalization of marijuana.

Observers say it’s a good sign that Canada is starting to take the threat of cybercrime more seriously.

“There’s a lack of a strategy and a lack of clarity of who in the government is responsible for what,” said former CSIS assistant director of intelligence Ray Boisvert, who has criticized the Canadian government in the past for not doing enough to protect Canada’s critical infrastructure from cyberattacks.

“We (Canada) are a little complacent and in a sort of ‘stand by and watch others’ mode — which I think is globally a problem — and unlike other defence issues there’s no hiding under the U.S. umbrella, because cyber touches everyone, everywhere,” said Boisvert. “There are no walls or barriers of isolation for Canada, no hiding behind our three oceans.”

The planned review of cybersecurity, which covers seven federal departments, will assess Canada’s critical infrastructure against cyber threats. There’s no word yet on when the review might take place or how much it might cost.

Read more here

© 2013 CyberTRAX Canada - All Rights Reserved.
Sponsored by C3SA Corp.