National Defence Committee on Feb. 14th, 2023

Evidence of meeting #50 for National Defence in the 44th Parliament, 1st Session. (The original version is on Parliament’s site, as are the minutes.) The winning word was disinformation.

A recording is available from Parliament.

On the agenda

Cybersecurity and Cyberwarfare

MPs speaking

John McKay
Shelby Kramp-Neuman
Darren Fisher
Christine Normandin
Taylor Bachrach
Cheryl Gallant
Emmanuella Lambropoulos
Pat Kelly
Jennifer O'Connell
Bryan May
Yves Perron

Also speaking

Jonathan Quinn  Director General, Continental Defence Policy, Department of National Defence
Lou Carosielli  Cyber Force Commander, Canadian Armed Forces, Department of National Defence
Marcus Kolga  Senior Fellow, Macdonald-Laurier Institute, As an Individual

4:05 p.m.

RAdm Lou Carosielli

We definitely do security analyses of all of our systems. That's part of our security and accreditation process. Prior to any system going live, we ensure that we understand how they connect and who they connect to. As indicated, I will not be able to go into greater details on any specific systems, given the classification of this room.

4:05 p.m.

Conservative

Cheryl Gallant Conservative Renfrew—Nipissing—Pembroke, ON

Italy's cybersecurity agency reported servers were compromised in Europe and North America on February 5 of this year. What can you tell the committee about the global ransomware attack that took place that week that affected Canadian servers?

4:05 p.m.

RAdm Lou Carosielli

I don't have any information on the attack that you're referencing.

4:05 p.m.

Conservative

Cheryl Gallant Conservative Renfrew—Nipissing—Pembroke, ON

Is there pressure—

4:05 p.m.

Liberal

The Chair Liberal John McKay

I'm sorry, Ms. Gallant; your five minutes are up.

With that, we'll go to Ms. Lambropoulos for five minutes.

4:05 p.m.

Liberal

Emmanuella Lambropoulos Liberal Saint-Laurent, QC

Thanks, Mr. Chair, and thank you to our witnesses for being here to answer some of our questions today.

Earlier you answered a couple of my colleagues when they asked you about the work that we do with our partners in other countries and you spoke a bit about the relationship we have with the United States and how interconnected you are with them when it comes to all things cyber that affect our countries.

I'm wondering if you can speak to how the Canadian Armed Forces works with all Five Eyes partners. Specifically, how do we learn from the way they do things? Is there a difference? Are they better at certain things than we are, and how are we able to learn from them?

4:05 p.m.

RAdm Lou Carosielli

Absolutely, I did talk about our American interactions earlier, but we do have coordination and discussions with all of our Five Eyes partners, and it's absolutely critical for us to do that. That's done at various levels.

We have several interactions as we go through different conferences together, etc. We also do have liaison officers with some of our other Five Eyes partners so that we can exchange information directly, but, most importantly, the best conversations are through the conduct of exercises. All Five Eyes participate in the exercises, and it gives us an opportunity to exchange best practices and build the relationships that we need so that when something goes wrong, we have points of contacts and easily share information together.

4:10 p.m.

Liberal

Emmanuella Lambropoulos Liberal Saint-Laurent, QC

Thank you very much.

My next question is regarding a tweet that was put out by the commander of the Canadian Army last week. It reads, “Our key allies are digitally transforming — and rapidly. Without a similar effort on our part, our very relevance as a reliable ally will be compromised.”

First, what are your thoughts are on that tweet? Second, I'm wondering what specific actions National Defence is taking in order to ensure our continued relevance from a cybersecurity perspective.

4:10 p.m.

RAdm Lou Carosielli

As Mr. Quinn indicated in his opening remarks, our allies are definitely investing in cybersecurity capabilities and improving their capabilities. So is Canada. We take that extremely seriously to be able to ensure that we provide the Government of Canada with the capabilities it requires to meet military missions, as well as missions that the CSE needs to conduct. We are doing that by ensuring that we have the right equipment and the right people. That was with the stand-up of the cyber-operators, and we are growing that trade.

As I indicated, we have met our recruitment numbers within the last three years, but we are on a steadily increasing path to be able to meet all of our capabilities.

4:10 p.m.

Liberal

Emmanuella Lambropoulos Liberal Saint-Laurent, QC

Are there any specific actions other than recruitment and personnel that you can talk about here?

4:10 p.m.

RAdm Lou Carosielli

No, not that I would be able to talk about in this room.

4:10 p.m.

Liberal

Emmanuella Lambropoulos Liberal Saint-Laurent, QC

How much time do I have left?

4:10 p.m.

Liberal

The Chair Liberal John McKay

You have a little under two minutes.

4:10 p.m.

Liberal

Emmanuella Lambropoulos Liberal Saint-Laurent, QC

You spoke a lot about the relationship that CAF has with CSE. There is a difference between what we heard last week from CSE and what you're telling us. Is there a reason for that? Would there be a reason for the difference in opinion? Are you both on the same page on that aspect? Can you speak a bit more on it?

4:10 p.m.

RAdm Lou Carosielli

Having read the transcript from the meeting last week and knowing the conversations we've had today, I don't know what differences are being highlighted. If you would like to be specific, I may be able to answer, or you may have to cc that question.

4:10 p.m.

Director General, Continental Defence Policy, Department of National Defence

Jonathan Quinn

Mr. Chair, if I could, I would share Admiral Carosielli's view. Our colleagues from CSE responded in very much the same way that we did. As I understand it, it was perhaps a witness from academia who shared a potentially contradicting view, which was that maybe there wasn't, from the public's view, as much close collaboration between DND, CAF, and CSE as in fact there is.

4:10 p.m.

Liberal

The Chair Liberal John McKay

Thank you.

Ms. Normandin, you have two and a half minutes.

4:10 p.m.

Bloc

Christine Normandin Bloc Saint-Jean, QC

Thank you very much.

One witness mentioned to us last week that perhaps there should be less focus on analyzing attacks that would, for example, have a large impact on critical infrastructure, because the likelihood of them occurring is low. According to this witness, we should instead focus more on smaller attacks that are likely to be in greater number and do just as much harm. SolarWinds comes to mind, for example.

I'd like you to talk about the training given to members of the military, and even civilians, to make sure that small attacks do not happen, that computer hygiene is good, in a way. Is training included in the basic military qualification? Are there follow-ups afterwards and ongoing training? I would like to hear you about that.

4:10 p.m.

RAdm Lou Carosielli

Thank you for your question.

As I mentioned, the training of cyber operators in the Canadian Armed Forces is progressive. First they learn how to defend against small networks, small attacks. With experience and additional training, they are prepared, in terms of defence, for more sophisticated attacks.

Any information we receive on a network is passed on to all of our partners, including CSE and law enforcement, to make sure that information reaches everyone who needs to know, which means those who will be on our network over the next few days or weeks.

4:15 p.m.

Bloc

Christine Normandin Bloc Saint-Jean, QC

How can we make sure that Canadian Forces employees who are not cyber operators, who work in other areas do not become gateways to cyber attacks?

4:15 p.m.

RAdm Lou Carosielli

Thank you. I had not understood that aspect of your question.

We provide general training to all members of the Canadian Armed Forces and to people in the public services. We just finished safety week. There are formal safety courses that they have to pass. There are also the usual messages sent out to counter phishing. We have to make sure that people know about the need to check where an email comes from before they open any attachments or click on any links.

4:15 p.m.

Liberal

The Chair Liberal John McKay

Thank you, Ms. Normandin.

Next we have Mr. Bachrach for two and a half minutes, please.

4:15 p.m.

NDP

Taylor Bachrach NDP Skeena—Bulkley Valley, BC

Thank you, Mr. Chair.

I would like to return to my previous line of questioning with regard to the relative size of the cyber force in the CSE's cyber team. Without referencing specific numbers of employees or that kind of thing, Admiral Carosielli, could you speak to the relative size? Which of these operations is larger, and by approximately how much? Does one have twice as many resources as the other?

Could you give the committee some sense of the relative scale of these two operations?

4:15 p.m.

RAdm Lou Carosielli

I would not be able to give you the relative size. As I indicated, I don't know the size of the CSE team, as I'm relatively new. I've been in the chair since the summer, but it's not something that has come up in conversation. I would not be able to answer that question.

4:15 p.m.

NDP

Taylor Bachrach NDP Skeena—Bulkley Valley, BC

Okay. That's no problem.

Rear-Admiral, I'm curious. In your work with the cyber force, have you ever come into contact with any programs by DND or CAF or another federal department that involve the collection of data on Canadians?