Evidence of meeting #49 for National Defence in the 44th Parliament, 1st Session. (The original version is on Parliament’s site, as are the minutes.) The winning word was information.
A recording is available from Parliament.
10:25 a.m.
Ph.D. Candidate, Balsillie School of International Affairs, Wilfrid Laurier University, As an Individual
What I would pose here is that, when you talk about cybersecurity issues that become major cybersecurity threats, we have to back it up a bit and understand that cyber illiteracy is also a major issue for a lot of businesses and people. When we have cyber-incident reporting, that's good, but we need to sort of back it up and go from the start.
We need to ensure there are cybersecurity considerations for particular projects, for particular—
10:25 a.m.
Conservative
Cheryl Gallant Conservative Renfrew—Nipissing—Pembroke, ON
Mr. Chair, she's not answering the question, so let's go to Mr. Rapin.
Should the public be made aware, when there's a cyber-attack under way on our major systems in Canada?
10:25 a.m.
Research Fellow, Raoul-Dandurand Chair in Strategic and Diplomatic Studies, Université du Québec à Montréal
I’ll answer in French, if I may.
My opinion is that yes, there should be more transparency. Of course, as researchers, we are biased because we want more information to do our work, but I think it is obviously in the public interest to have more transparency. What we see is that people do not necessarily feel like it is about them, when it is. It’s what we see with the incidents you gave as examples. People are suddenly shocked by what is happening and they do not understand what is going on, because there is very little public debate on cyber issues in Canada, since there is little information to go on.
It would be good for everyone if we could get more transparency on these issues.
10:30 a.m.
Conservative
Cheryl Gallant Conservative Renfrew—Nipissing—Pembroke, ON
Generally, how long does it take for entities to realize that their system is under attack versus dealing with a software glitch?
10:30 a.m.
Research Fellow, Raoul-Dandurand Chair in Strategic and Diplomatic Studies, Université du Québec à Montréal
I wouldn’t be able to give you any specific data on that.
10:30 a.m.
Conservative
Cheryl Gallant Conservative Renfrew—Nipissing—Pembroke, ON
Canada has not yet experienced a totally debilitating cyber-attack. Can you tell the committee what a full-on attack would look like?
10:30 a.m.
Research Fellow, Raoul-Dandurand Chair in Strategic and Diplomatic Studies, Université du Québec à Montréal
The example we often hear about is a cyberattack on the electrical grid. That could cause a lot of damage. We saw examples of that in Ukraine, in 2015 and 2016, if I remember correctly. Hundreds of thousands of people were without electricity for hours. I don’t know how vulnerable Canada’s electrical grid is.
10:30 a.m.
Liberal
The Chair Liberal John McKay
Mr. Rapin, I appreciate the difficulty in responding to that question, but it's still a good question. Maybe there's a possibility you could, if you have the opportunity, write a response. It may be a way to handle that.
We'll go to Mr. Sousa for three minutes.
February 10th, 2023 / 10:30 a.m.
Liberal
Charles Sousa Liberal Mississauga—Lakeshore, ON
Thank you, Mr. Chair.
The previous testimonies talk about what seems to be a worldwide threat. This is not just Canada. We talk about the Five Eyes and the partnerships we try to engage with other states to protect ourselves and to protect the world, in essence. It affects our supply chains and ways of businesses, not just politics and elections, and not just defence. There are real economic consequences to some of these issues.
We also heard about silos and how there seem to be silos within Canada. There is greater co-operation being developed, but there are also silos around the world, even within the Five Eyes. You, yourself, mentioned that you don't know all the issues, so how do we then provide co-operation with other states and, at the same time, protect our own national security. We don't want to divulge too much information.
I am also concerned about cognitive warfare and fake news, these other incidents that take place to disrupt our way of life and our democracy. I've heard a lot of solutions and no solutions. That seems to be the answer. There's very little that we can do, because we're still trying to learn and keep up.
We heard an answer that “they don't tell us”—this Big Brother, this matrix that exists. Who are “they”?
10:30 a.m.
Research Fellow, Raoul-Dandurand Chair in Strategic and Diplomatic Studies, Université du Québec à Montréal
When I mentioned transparency… It can be for various types of entities.
The federal government could be more transparent. Nearly a year ago, Global Affairs Canada was hit by a major cyber incident. My sources give me very good reason to think that Russia was behind the incident and that it didn’t take long to figure out that it was the culprit.
For the time being, the government is very reluctant to disclose that information, even though it would be in the public interest and it’s important for Canadians to know.
10:30 a.m.
Liberal
Charles Sousa Liberal Mississauga—Lakeshore, ON
I'm going to pose the same question to you, Ms. Csenkey, because what I'm hearing is what we're always hearing—that there are a number of groups that are responsible, and they are trying to co-operate to find a solution while at the same time protecting our national security.
How do we provide the solutions you're talking about in regard to silos, where we are aware that there are discussions but there's the notion of transparency without divulging national security issues, even with other states, even beyond the Five Eyes?
10:30 a.m.
Ph.D. Candidate, Balsillie School of International Affairs, Wilfrid Laurier University, As an Individual
There's a lot of content there so I'm going to try to be as quick as possible.
I would say, number one, attributions are difficult at the best of times when identifying cybersecurity attacks, motivations, the individuals or groups or states responsible for these attacks. That does make it difficult. For example, it could be a cybercriminal group that is attacking a certain target for the purpose of profit. It could be a group that is working on behalf of a—
10:35 a.m.
Liberal
The Chair Liberal John McKay
I apologize again, Ms. Csenkey, but I'm going to have to cut off Mr. Sousa.
You have a minute, Mr. Garon.
10:35 a.m.
Bloc
Jean-Denis Garon Bloc Mirabel, QC
Ms. Csenkey, if you could submit a written response to the committee for the previous question, I would appreciate it.
Mr. Rapin, is diplomacy still a solution with China in trying to prevent cyberattacks, or should we be looking at a more preventive approach?
10:35 a.m.
Research Fellow, Raoul-Dandurand Chair in Strategic and Diplomatic Studies, Université du Québec à Montréal
I’m not sure I can answer your question.
I can tell you that in the US, where I think they realized much sooner that economic espionage by China, for example, is a massive problem, the Obama administration tried a diplomatic approach.
At the time, President Obama went to meet his counterpart in China and an agreement was negotiated to try to put an end to economic espionage. From what we were able to find out, it worked for about a year. In any case, there was a major decrease in Chinese economic espionage activities. At the next crisis, or for various reasons, economic espionage started up again.
I am not saying that to discredit the diplomatic approach. Diplomacy plays a role in certain aspects.
10:35 a.m.
Research Fellow, Raoul-Dandurand Chair in Strategic and Diplomatic Studies, Université du Québec à Montréal
I would say that it has its limits, depending on the circumstances.
10:35 a.m.
Liberal
The Chair Liberal John McKay
We're going to have to again leave it there.
You have one minute, Mr. Boulerice.
10:35 a.m.
NDP
Alexandre Boulerice NDP Rosemont—La Petite-Patrie, QC
Thank you, Mr. Chair.
Mr. Rapin, it worries me to hear you say there have been 93 known cyber incidents in Canada since 2010, and that they are happening more often. It’s not surprising that they are coming from China, Russia, Iran and North Korea. There are espionage, surveillance and intelligence operations.
Are these cyber incidents or cyberattacks aimed at public infrastructure such as agencies and departments, or at private companies such as banks, with information being sought about members of the public?
10:35 a.m.
Research Fellow, Raoul-Dandurand Chair in Strategic and Diplomatic Studies, Université du Québec à Montréal
It’s not easy to say. Based on the public, open‑source information we use, the type and number of Canadian entities that have been targeted are often unclear. For example, we use reports from cybersecurity firms indicating that Canadian entities were hit. We don’t know whether there were many entities or just one or two; we also don’t know whether it’s companies, government bodies or other entities.
10:35 a.m.
Liberal
10:35 a.m.
Conservative
Pat Kelly Conservative Calgary Rocky Ridge, AB
Thank you.
I want to continue talking about the 93 specific incidents that you've recorded since 2010. You said that China, Russia, Iran and North Korea are the primary...or perhaps all 93 of them can be attributed to those four countries. You talked about economic espionage, but you also talked about the surveillance of activists. Do I take it from that you're talking about dissidents in Canada, diaspora communities? You talked about the number of people who are affected.
Can you tell me how many Canadians would be victims of these kinds of attacks or the targets of these attacks? Give us more information on how these geopolitical cyber-incidents affect individual Canadians and what sort of harm is caused by these incidents.
10:35 a.m.
Research Fellow, Raoul-Dandurand Chair in Strategic and Diplomatic Studies, Université du Québec à Montréal
It’s difficult to give a number because these incidents can take different forms and be more or less aggressive, depending on the person being targeted. In the case of the Uyghur community, it can be extremely aggressive. In other cases, it can take other forms. Last December, for example, Amnesty International Canada was targeted by a cyberattack that likely came from China. The degree of involvement of the targeted actor varies, and the aggressiveness of the attack therefore does as well.
I think we’ve listed three countries that have so far targeted activists, NGOs or dissidents in Canada. Chronologically, the first was Saudi Arabia, which targeted a dissident living in Canada. That was brought to light by Citizen Lab at the time. Next was China, which targeted Uyghurs in particular and conducted operations against members of Falun Gong. More recently, we’ve started to see Iran doing similar things. It is currently suspected of conducting electronic espionage in relation to demonstrations.
10:40 a.m.
Conservative
Pat Kelly Conservative Calgary Rocky Ridge, AB
May I just ask you, on that point with respect to China and the use of cyber-incidents against the Chinese diaspora in Canada—against their citizens and Canadian citizens—are Beijing's diplomatic offices in Canada involved in these attacks? Is this coming strictly from outside or is this with the co-operation of their diplomatic missions in Canada?