Good afternoon and thank you, Mr. Chair and committee members, for the invitation to appear today to discuss cybersecurity during the COVID-19 pandemic.
As mentioned, I'm Scott Jones and I am the head of the Canadian Centre for Cyber Security at the Communications Security Establishment. I'm very pleased to be joined by my colleagues: Chief Superintendent Mark Flynn, director general of financial crime and cybercrime from the RCMP, and Colleen Merchant, director general of national cyber security from the Department of Public Safety.
Our departments have distinct but complementary mandates as they relate to cybersecurity.
The CSE, reporting to the Minister of National Defence, is one of Canada's key intelligence agencies and the country's lead technical authority for cybersecurity. The Canadian Centre for Cyber Security, or as I will refer to it from now on, the cyber centre, is a branch within the CSE. We defend the Government of Canada, we share best practices to prevent compromises, we manage and coordinate incidents of national importance and we work to secure a digital Canada.
Public Safety leads the Government of Canada's cybersecurity policy work. This involves the implementation of the 2018 national cybersecurity strategy and the coordination of government-wide efforts to help secure digital and cyber-assets through strategic-level initiatives. Public Safety also supports critical infrastructure protection and offers assessment tools to provide expert advice to owners and operators on how to improve their cybersecurity and cyber-resilience posture.
RCMP federal policing is responsible for the investigation of attacks against Canada's critical infrastructure—which includes the health care sector—in collaboration with the police of local jurisdiction. Additionally, the RCMP has its national cybercrime coordination unit, which is a national police service that coordinates the response of Canadian police agencies to cybercrime incidents. Together our three departments work with the greater Canadian cybersecurity community to protect Canada and Canadians from potential cyber-threats.
Today I would like to provide an update on what the current cyber-threat environment looks like in the COVID-19 pandemic and also highlight the important work that the CSE, the RCMP and Public Safety are doing to protect the Government of Canada and Canadians specifically in the context of the health sector.
Cyber-threat actors are attempting to take advantage of Canadians' heightened levels of concerns around COVID-19. Prior to, and amplified by, the pandemic, our lives are becoming increasingly reliant on digital communication. Cybercriminals are aware of this digital reliance and are seeking to take advantage of the current situation. More than ever, collaboration for cybersecurity is critical, whether it is for the cyber-infrastructure underlying the Internet of things, connected devices or for the applications supporting digital exposure notification. Designing solutions with cybersecurity in mind is a condition for long-term success.
From a government perspective, the underlying objective must be to protect Canadians online. These efforts are under way and they are significant, with the cyber centre as the lead for the federal government. Among these efforts, cybersecurity and cybercrime remain interconnected and remind us of the importance of pursuing those responsible through the criminal justice system.
Law enforcement remains a critical element of cybersecurity. As such, the RCMP federal policing program investigates the most significant threats to Canada's political, economic and social integrity, including cybercrime that targets the federal government, threatens Canada's critical infrastructure and the health care sector, involves the use of cyber-systems to facilitate or support terrorist activities and threatens key business assets with high economic impact.
The RCMP works with domestic and international law enforcement partners and with other Government of Canada agencies to ensure that the wide array of cyber-threats is not treated in isolation. Appropriate and timely information sharing is essential for investigation, which in turn contributes to improved cybersecurity for Canadians. For example, the cyber centre and the RCMP work together by sharing information about scams to warn Canadians and share indicators of compromise so they can be blocked and prevented. From a public safety perspective, they tackle these questions by engaging with stakeholders and fostering good discussions to identify problems and propose policy solutions.
The cyber centre is working tirelessly to raise public awareness of cyber-threats to health organizations by proactively issuing cyber-threat alerts and providing tailored advice to the health sector, government partners and industry stakeholders. Throughout COVID-19, the cyber centre has worked closely with industry and commercial partners to facilitate the removal of malicious websites, including those that have spoofed Canadian government departments and agencies. The cyber centre has also helped monitor and protect important Government of Canada programs against cyber-threats, including the Canada emergency response benefit web application. We have continued to evaluate cloud applications, including for the Public Health Agency, and enabled cybersecurity monitoring and defence for cloud usage across the government.
Individual Canadians, however, are also at risk. As people and organizations shift to working and learning from home, personal devices and home networks have become attractive targets. In response, the cyber centre has partnered with the Canadian Internet Registration Authority, CIRA, to create and launch the CIRA Canadian shield, a free DNS firewall service, which provides online privacy and security to all Canadians for free.
The cyber centre has also collaborated with the Canadian Anti-Fraud Centre. It is operated by the RCMP, the Ontario Provincial Police and the Competition Bureau, which are are Canada's trusted sources for reporting and mitigating mass-marketing fraud.
The Anti-Fraud Centre's primary goals are prevention through education awareness, the disruption of criminal activities and the dissemination of intelligence that enables law enforcement to identify organized crime involvement in fraud schemes.
Through targeted advice and guidance, the cyber centre is helping to protect Canadians' cybersecurity interests. I encourage all Canadians to visit getcybersafe.gc.ca and all businesses to visit cyber.gc.ca to learn more about our best practices that can be applied to protect you and all Canadians from cyber-threats.
Finally, the cyber centre has assessed that the COVID-19 pandemic presents an elevated level of risk to the cybersecurity of Canadian health organizations involved in the response to the pandemic. Cyber-threat actors know that the health sector is under intense pressure to slow the spread of COVID-19 and to produce medical treatments to prevent new infections and their spread. Hospitals and other front-line medical services are often vulnerable to malicious cyber-threat activity due to limited cybersecurity capacity.
We continue to recommend that Canadian health organizations remain extra vigilant and take the time to ensure they are applying cyber-defence best practices, including increased monitoring of network logs, reminding employees to be alert to suspicious emails and to use secure teleworking practices where applicable, and ensuring that servers in critical systems are patched for all known security vulnerabilities.
To further protect the health sector, Public Safety, in close collaboration with the cyber centre, is developing a Canadian cyber-survey tool to provide health sector organizations such as hospitals, doctors' offices and long-term care facilities, among others, with an easy-to-use tool to assess the cybersecurity of their organization. The survey can be completed in less than an hour and is completely voluntary. It will be used for two main purposes.
The first is to provide the organization with a report detailing any technical and cybersecurity program-related findings that could and should be addressed to enhance their cybersecurity. The second is to identify cybersecurity trends and common challenges in the health sector to help tailor cybersecurity engagements by the Government of Canada to strengthen the cybersecurity posture of the health sector as a whole. Public Safety is aiming to launch this survey tool in the coming weeks and will broaden the application of this tool to all 10 critical infrastructure sectors to examine the cybersecurity of all aspects of supply chains.
It should also be noted that the RCMP's national critical infrastructure team has worked with the Public Health Agency of Canada to share awareness material within the health sector. In addition, they have divisions across the country to continue to develop new partnerships within the health sector, increasing those organizations' situational awareness of the potential threat landscape.
Together, our three departments would like to note that even when all of the possible precautions are taken, if a compromise occurs, it is critical that organizations inform us of any cyber-incident they experience. Cybersecurity is everyone's responsibility, and it will take all of our expertise and collaboration to protect Canada and Canadians. The more we share, the better protected we will all be. If we don't share, then the next person who gets hit will be the next victim.
Thank you for the invitation to appear before you today. We will be happy to answer any questions you may have.