Public Safety Committee on Oct. 6th, 2022

Mr. Chair, thank you for this opportunity to discuss our geopolitical security environment, specifically the threat Russia poses to Canada.

I am happy to be here with Vice-Admiral Auchterlonie, who is the operational commander of our international and domestic operations, as well as Major-General Wright, who commands our intelligence enterprise. I'm also very happy to be here with my colleagues from CSC, Caroline Xavier and Sami Khoury, as you introduced.

We once again find ourselves in a chaotic and dangerous world where those with power, namely, Russia and China, are determined to remake the world order to suit their own ends and where the rights and freedoms of smaller, less powerful states are discarded. We are also witnessing violations of the sanctity of territorial sovereignty and of responsible dialogue about the use of nuclear weapons.

Russia and China do not differentiate between peace and war.

In seeking to achieve their national objectives they will use all elements of national power, often acting just below the threshold of large-scale, violent conflict—but, as we have seen in Ukraine, they are all too willing to cross that threshold.

Their aim is not just regime survival, but regime expansion.

In this context, they consider themselves to be at war with the west.

Their greatest threat comes not from external adversaries but from their own populations, so they strive to destroy the social cohesion of liberal democracies and the credibility of our own institutions to ensure that our model of government is seen as a failure.

We are seeing an example of this information war in real time, where the Ukrainians are winning the battle between truth and lies in the west, but the Russian narrative dominates in many other parts of the world.

Will we have an international order based on rules or one based on might? This contest of which order will prevail will certainly define the rest of our time in uniform and, indeed, the rest of our lives.

Many of our allies and partners are clear-eyed about the threat to our future.

We must be, too.

The stakes are high.

We must not allow authoritarian powers to change the world order to suit their purposes.

We must be strong. We must work with our partners and allies in a united front, and in doing so, deter miscalculation, adventurism and great power war.

Regarding our own national security, the distance and geographic isolation that Canada has enjoyed for so long is no longer a viable defensive strategy. Canada and the United States agreed in 2021 to invest in a long-needed modernization of NORAD, but Russia has also made significant investments, including in long-range aviation and the capability of the cruise missiles that its planes carry.

Russia also has the capability to threaten Canada via other domains, by sea but also in the cyber and space domains, where it is capable of threatening our networks, critical infrastructure, communications and economy.

Finally, there is the nuclear threat, repeated in a not so thinly veiled manner numerous times recently.

Right now, we do not believe that Russia plans to use strategic nuclear weapons against Canada. However, given the unfolding crisis in Ukraine and the potential for escalation, we must remain vigilant.

The Russian threat is very clear. Fortunately, so are the actions that we must take to meet that threat. As we prepare for the possibility of open conflict in traditional domains, we must also develop our capacity for confrontation in the cyber, space and cognitive domains.

We must integrate our capabilities across all domains. We must develop an integrated approach to national security that combines military responses with diplomatic, economic and information actions at the local, regional, national and multinational levels.

We must maintain an intellectual advantage, generating diverse policy options and ideas via an ongoing dialogue among allies, agencies, industries, academia and governments. This will be critical to sustaining our strategic edge.

We must not be naive about the threats in the world. Adversaries view compromise as weakness to be exploited. They only respect and respond to strength.

The rules-based international order, which has underpinned world stability and indeed our national prosperity for generations, is faltering. It needs to be defended. The gravity of these times should be apparent to all.

Thank you. We look forward to your questions.

Hello and bonjour. Thank you, Mr. Chair and members of the committee, for the invitation to appear today to discuss Canada's security posture in relation to Russia.

My name is Caroline Xavier. My pronouns are she, her and elle. I am the new chief of the Communications Security Establishment, known as CSE.

I am joined today by Sami Khoury, head of CSE's Canadian Centre for Cyber Security, which you have heard referred to as the cyber centre.

I'm pleased to join you. I too would just like to take a moment to acknowledge the land from which I'm joining you today, which is the traditional unceded territory of the Algonquin Anishinabe nation.

Today, I'd like to provide the committee with a brief update on CSE's role in Canada's cyber security posture as it relates to Russia, and some of the recent work that CSE has done to protect Canadians from related threats.

CSE, reporting to the Minister of National Defence, is one of Canada's key security and intelligence agencies. The Communications Security Establishment Act, or the CSE Act, sets out five aspects of our mandate: cybersecurity and information assurance, foreign intelligence, defensive cyber operations, active cyber operations, and technical and operation assistance. As part of this mandate, CSE is the country's lead technical authority for cybersecurity.

The Canadian Centre for Cyber Security, more commonly referred to as the Cyber Centre, is a branch within CSE and a single point of expertise on technical and operational cyber security matters.

I will now provide a brief breakdown of the key findings regarding the current cyber-threat landscape particularly as it relates to Russia. I should note that CSE has issued four bulletins about Russian-backed activities this year focused on threats to cybersecurity and on disinformation.

To set the stage, I'd like to highlight some of the current cyber threat challenges Canada faces. We identified these in our national cyber threat assessment, which I would encourage you to read if you'd like to have a better understanding of the current threat landscape.

In that assessment, we highlighted that cybercrime is the most prevalent and most pervasive threat to Canadians and Canadian businesses. Cybercriminals trying to probe Canadian systems have been found in Russia, China and Iran, among others. These actors use various techniques, such as ransomware, theft of personal data and online fraud. Critical infrastructure operators and large enterprises are some of the most lucrative targets.

While cybercrime is the most likely threat to impact the average Canadian, the state-sponsored cyber programs of China, North Korea, Iran and Russia pose the greatest strategic threat to Canada. Foreign cyber-threat activities, including Russian-backed actors, are attempting to target Canadian critical infrastructure operators as well as their operational and information technology.

Russia has significant cyber abilities and a demonstrated history of using them irresponsibly. This has included the SolarWinds cyber compromise, disruptions of COVID‑19 vaccine development, threats to Georgia's democratic process and the NotPetya malware.

Besides Russian-backed challenges to Canadian cybersecurity, as I have noted, Russian disinformation campaigns also threaten Canada and Canadians. In July of this year, CSE noted that it had continued to observe numerous Russian-backed online disinformation campaigns aimed at supporting Russia's brutal and unjustifiable invasion of Ukraine.

Now that I've gone over some of the key trends and threats, I'd like to provide an overview of how CSE's mandate helps us address these challenges.

CSE has unique technical and operational capabilities, which allow us to respond to the various types of threats Canada faces, such as the threat of hostile state actors.

CSE's foreign signals intelligence program provides sophisticated capabilities that allow us to access, process, decrypt and report on current and emerging cyber-threats. We then use this information to brief and disseminate to government.

The foreign intelligence CSE collects allows us to pass that information to not only critical infrastructure owners and operators in Canada, but also to our allied and NATO partners, as well as Ukraine.

Having this information ahead of any materialized threat allows them to proactively protect and defend their systems. The CSE Act further enables us to provide technical and operational assistance to federal law enforcement, security and defence partners, including the Department of National Defence, our Canadian Armed Forces, the RCMP and the Canadian Security Intelligence Service, or CSIS. This means that CSE is authorized to assist the CAF in support of government-authorized military missions, such as Operation Unifier. This includes intelligence sharing and cybersecurity.

One of CSE's main roles is to inform the government of the activities of foreign entities which threaten Canada or its allies. This may include foreign-based cyber threats, espionage, terrorism and even disinformation campaigns.

For example, since the Russian invasion of Ukraine began, we have observed numerous Russian-backed disinformation campaigns online that are designed to discredit and spread disinformation about NATO allies, as well as false narratives about Canada's involvement in the Russia-Ukraine conflict.

For example, controlled media outlets were directed to include doctored images of Canadian forces members on the front line and false claims about Canadian forces committing war crimes.

We shared this information on Twitter as part of the Government of Canada's efforts to help inform Canadians on how to help stop the spread of and protect themselves from disinformation.

We will continue to work closely with our Five Eyes partners, as well as harness all of our expertise to confidently ensure Canada's resiliency against threats in terms of cybersecurity or disinformation.

Although Russian cyber threat disinformation actors are becoming increasingly more sophisticated, I can assure you that we are working tirelessly to raise Canada's cyber security bar and protect all Canadians from these emerging threats.

We have the necessary expertise in place to monitor, detect and investigate potential threats. We are developing further capabilities and capacities to take active measures to protect, deter and defend against them.

We also continue to publish advice and guidance for Canadians and Canadian businesses to improve their cyber security practices.

We will continue to collaborate closely with our Five Eyes and NATO allies to protect the critical infrastructure, economies and democratic systems of our country.

With that, I will be pleased to have the opportunity to answer any questions you might have.

Thank you.

Mr. Chair, I think that the comments the member attributes to me are reflected in my opening statement as well about the urgency of the security situation that we are currently facing. I am concerned that as the threats to the world security situation increase and as the threats at home increase, our readiness is going down within the Canadian Armed Forces.

That is the reason we have embarked on what we're calling reconstitution. Reconstitution is a military operation that is used after a large-scale operation to rebuild, re-arm and re-equip.

The pandemic has not been kind to the Canadian Armed Forces, as our numbers have shrunk. We're embarking on a priority effort to get our numbers back up in recruiting and retention so that we can provide that readiness.

Readiness is more than just people. Readiness is also based on training, equipment and sustainment. We're working in those other three areas as well to make sure that we can provide the readiness that is essential so that we can respond at scale and speed to the needs of Canadians. We have lots of work to do in front of us.

Mr. Chair, this is a challenge that not only every western military is facing, but we're facing it here at home as well with labour challenges and real challenges in the workforce. That's reflected in our own numbers. I am very worried about our numbers. That's why we're putting as the priority effort the reconstitution of our military.

What we're doing about it specifically is looking at our recruiting system. We've staffed our recruiting system to 100%. We are streamlining the recruiting system. We've brought in a retention strategy. There are many more things that we continue to work on to ensure that the quality of service that our members experience is what it needs to be.

Let's face it, nobody joins the military to get rich. What we offer is something transcendent. It's the ability to serve your country. We have to make sure that the quality of service is extended to such aspects as financial security for our members and their families; quality equipment, so they can work on modern equipment; quality infrastructure that they can have; and meaningful employment, and that means meaningful overseas deployments as well as meaningful employment here in Canada.

Mr. Chair, it's not my position to talk about the specifics of our defence spending and any arbitrary target.

I will tell you that the military we have today is not the military that we need for the threats that are appearing in the future. We need to continue to look at and assess those threats, and make sure we have the capabilities to address those emerging threats.

Mr. Chair, “any eventuality” is a pretty broad characterization of the security environment. We have to deal in probabilities, because the imagination could run wild.

Mr. Chair, as I say, we need to rebuild our readiness so that we can respond with a sufficient number of forces at the speed required. That is what we are focused on right now, those four elements of readiness that I talked about.

Mr. Chair, this is something we watch closely as well. We have to be concerned about the possibility of escalation. That being said, we cannot allow nuclear coercion to stop us from doing the right thing. Others are watching, and it will become a model for the future.

In terms of the details, I'll turn it over to General Wright to provide additional context.

Mr. Chair, I would absolutely agree with the director of the CIA that Russia has the capability. What the Five Eyes alliance and our NATO allies are laser-focused on is whether the intent exists.

In terms of the question regarding indicators, this is obviously something the Five Eyes alliance is laser-focused on. We do closely track indicators and warnings. However, because of the sensitivity of those, I don't think we can discuss that in this forum.

I'll first turn to General Wright again to address that one.

Mr. Chair, we closely track all aspects of the conflict with Russia, and we have since the days before the invasion, when Vladimir Putin was blatantly lying that it was only a military exercise. We have been trying to ascertain both his intentions and also the strength of the Russian state and the support for him.

What I would say is that Vladimir Putin has spent over 20 years consolidating power in the state around him and a very small group of advisers.

If I may, Mr. Chair, there is only thing I would add.

CSE being the national foreign intelligence signals intelligence program, we provide intelligence so that senior decision-makers are able to get some of that insight into the activities, the motivations, as well as the capabilities and the intentions of some of those foreign adversaries, including some of the ones you mentioned.

That's about the extent of what we can discuss this morning.