Evidence of meeting #111 for Procedure and House Affairs in the 42nd Parliament, 1st Session. (The original version is on Parliament’s site, as are the minutes.) The winning word was identification.
A recording is available from Parliament.
4 p.m.
Deputy Chief, Information Technology Security, Communications Security Establishment
It's outside my area of expertise and also not an area that we would cover.
4:05 p.m.
NDP
Nathan Cullen NDP Skeena—Bulkley Valley, BC
So there were no Russian cyber-attacks that CSEC is aware of.
4:05 p.m.
Deputy Chief, Information Technology Security, Communications Security Establishment
The report said that we didn't see any nation-state cyber type of activity.
4:05 p.m.
NDP
Nathan Cullen NDP Skeena—Bulkley Valley, BC
I guess Russia being a nation-state, it would include them.
It's just confusing, because that's a pretty big deal. I saw the news, and I thought, “Holy mackerel, Russia attacked our democracy. We should find out how and not let it happen again.” We asked Elections Canada, and they said the same thing you just said. I'd like to find someone—maybe the government can provide a witness—who can tell us exactly what happened so that Canadians are aware.
Now, there are different types of hacks. There are people just looking to cause disorder, but you also mentioned “enthusiasts”? What's an enthusiast?
4:05 p.m.
Deputy Chief, Information Technology Security, Communications Security Establishment
Sometimes an enthusiast is somebody who does it just because they can. They want to show that they can actually achieve something. They can achieve their goal.
4:05 p.m.
NDP
Nathan Cullen NDP Skeena—Bulkley Valley, BC
They're not politically motivated, you mean? They're just showing off?
4:05 p.m.
Deputy Chief, Information Technology Security, Communications Security Establishment
It's just that they can do it, yes.
4:05 p.m.
NDP
Nathan Cullen NDP Skeena—Bulkley Valley, BC
Right: denial of service stuff, crashing a website—and stealing data?
4:05 p.m.
Deputy Chief, Information Technology Security, Communications Security Establishment
In some cases, absolutely.
4:05 p.m.
NDP
Nathan Cullen NDP Skeena—Bulkley Valley, BC
If they hack into Elections Canada, they can get the voter registry. They can get some information, but it's not exactly a gold mine.
4:05 p.m.
Deputy Chief, Information Technology Security, Communications Security Establishment
That's also why we work with Elections Canada to bolster their cyber-defences, so that they are able to deal with those types of activities.
4:05 p.m.
Deputy Chief, Information Technology Security, Communications Security Establishment
We've made the offer to meet with any political party to give advice.
4:05 p.m.
NDP
Nathan Cullen NDP Skeena—Bulkley Valley, BC
Do you provide a service to political parties to make their systems protected?
4:05 p.m.
Deputy Chief, Information Technology Security, Communications Security Establishment
Right now it would be limited to kind of architectural advice in terms of how to set up systems and how to—
4:05 p.m.
NDP
Nathan Cullen NDP Skeena—Bulkley Valley, BC
You can point at things, but you don't do the thing itself.
4:05 p.m.
Deputy Chief, Information Technology Security, Communications Security Establishment
No. We are limited in terms of providing services.
4:05 p.m.
Deputy Chief, Information Technology Security, Communications Security Establishment
Everything can be. Now you can make it hard and very expensive.
4:05 p.m.
NDP
Nathan Cullen NDP Skeena—Bulkley Valley, BC
Sure. Do political parties make it hard and very expensive to hack into their systems?
4:05 p.m.
Deputy Chief, Information Technology Security, Communications Security Establishment
I actually don't have the detailed information on how individual political parties—
4:05 p.m.
Deputy Chief, Information Technology Security, Communications Security Establishment
No. That's something that would have to be a direct request. We would probably refer to a commercial service to do that rather than us doing that sort of test.
4:05 p.m.
NDP
Nathan Cullen NDP Skeena—Bulkley Valley, BC
To the best of your knowledge, do political parties hire that commercial service or go through you? That's something a private corporation that has sensitive information will do. They will hire someone to hack them and test them.