National Defence Committee on Feb. 14th, 2023

It's no problem.

I was simply going to add that Admiral Carosielli has outlined the really close operational ties and relationship between DND, CAF and CSE. I was going to add that the close relationship also extends to the policy sphere.

I work extraordinarily closely with my counterparts at CSE on policy questions, and we're fully joined. We collaborate very closely across the board with CSE.

Our relationship with our allies is as important as our relationship with CSE. We work very closely with the U.S. Of course, working with the U.S. is important for not only the defence but also the prosperity of North America.

We are very closely aligned with U.S. Cyber Command, so much so that I have a liaison officer embedded within U.S. Cyber Command, as well as numerous personnel who range all the way from cyber-operators to cyber operations planners. This is very important for us. It's an ability for us to have daily conversations. I participate in weekly discussions with U.S. Cyber Command, and that is absolutely critical for us.

We work with U.S. Cyber Command, and our allies within the Five Eyes and NATO, in order to ensure we meet the requirements of our allies and partners, as well as Canada's.

The CAF and CSE cyber capabilities differ for the principal reason that we do not want to duplicate or have redundant capabilities. CSE has more specialized technical expertise, while the Canadian Armed Forces are typically used for the last mile, in order to ensure that we have intelligence that supports both CSE and the CAF.

The CAF and CSE operate together, depending on what support is required and under whose authorities certain operations are being done.

If a specific military operation is being done under CAF authorities and we need some support in the form of intelligence or tools, we can get that via section 20 of the CSE Act.

Similarly, if CSE is working on something and they need some of our subject matter expertise, there are ways for them to ask for our support. We can provide that and support them under CSE authorities in order to meet the requirements of Canada.

It is a very important question and it's very germane to what's going on in Russia and Ukraine.

Russia is still a very serious cyber-actor. As you indicated, the top four are Russia, China, Iran and North Korea.

With respect to your comments on cyberwarfare and more traditional conventional warfare, early in the fall we definitely saw a direct link between cyber events and kinetic activity. Just prior to any bombing of an area, we would see an increase in utilization of servers and IT systems that preceded a target being hit shortly thereafter.

There is a link between their cyber activity and their kinetic, conventional activity.

Absolutely, Mr. Chair.

We talk about “the last mile” in-country. CSE personnel do not typically go into war zones or conflict zones, so in Canadian missions the last mile is done by Canadian Armed Forces personnel.

Thank you for your question.

Cyber operations by the Canadian Armed Forces may be conducted as long as they receive a mandate to do so during a mission. In such cases, authorizations are given by the Government of Canada or by Cabinet.

Operations are also done under a mandate given by the Communications Security Establishment, the CSE. I believe that, in that case, the approval is given by the Department of National Defence and the Department of Foreign Affairs.

Operations in the course of missions are approved through a very well-established process. As for those coming from the CSE, unfortunately I cannot tell you more.

Just as is the case for other government departments and for the industry, the Canadian Armed Forces and cyber forces have logistical support issues. They had that problem during the COVID‑19 pandemic, for example.

With respect to procurement in Canada, this requires a full departmental effort. We work with Public Services and Procurement Canada and Innovation, Science and Economic Development Canada to make sure that our projects move forward efficiently and that we find innovative equipment.

We will certainly continue to reach out to industries so that they can maintain an open and competitive supply chain and be aware of what the future holds.

Thank you for your question.

Absolutely, attribution of cyber-attacks and malicious cyber-activity is a challenge. By their very nature, they tend to be intended to be covert action. Canada's position in the statement I alluded to on our interpretation of international law in the opening remarks is really just to be transparent and hold ourselves to account in Canada and to set a standard for our own behaviour in cyberspace and to lay out our interpretation of law.

There is an active effort when there is a malicious cyber-event in Canada to determine where it came from, but as you rightly mention, it is a challenging space. There's a process led by our colleagues at Global Affairs Canada to attribute publicly, when it's in our interest to do so, when those attacks occur and where they come from and to lay out some details, but it's only when there is really strong, defensible proof of the origin of that attack that a public attribution is made.

Thank you for your question.

I would say that among our allies and like-minded countries there's a concerted effort to be transparent.

Again, I'm slightly outside of my lane—it's a Global Affairs lead—but as I understand it, I think that publication of various states' interpretation of international law as it relates to cyberspace began as a G7 initiative, if I'm not mistaken. Certainly our like-minded allies are committed to it, and there are efforts to encourage other countries to take a similar approach, but as is the case in a lot of issues in this domain, it's a bit of a mixed bag in terms of different countries' adherence to and commitments to transparency in this domain.

Mr. Chair, I'll start, and the admiral may have something to add.

It's a great question. It is a complicated space. There are lots of players across government in this area. In terms of the Canadian federal lead for cybersecurity—ensuring the security of government networks, providing assistance to holders of networks in critical infrastructure and that sort of thing— Public Safety has the overall lead.

The Canadian cybersecurity centre was specifically established. It's a CSE body, but it also works under policy set by Public Safety. It has an important role to play there in sharing best practices, providing assistance to Canadian companies, and identifying and mitigating threats.

The Canadian Armed Forces come in. Admiral Carosielli can speak a little bit more to this as well. Unlike other government departments, DND and CAF have the responsibility to defend and secure their own classified networks. That's a bit unique in the federal government.

As I mentioned in my opening remarks, in “Strong, Secure, Engaged”, the government announced its intention to allow the Canadian Armed Forces to conduct offensive cyber-operations as well, in pursuit of Canadian interests. As has been discussed previously, we do those in close partnership with our colleagues at the Communications Security Establishment.

Admiral, did you want to add anything to that?