Evidence of meeting #9 for Transport, Infrastructure and Communities in the 44th Parliament, 1st Session. (The original version is on Parliament’s site, as are the minutes.) The winning word was cybersecurity.
A recording is available from Parliament.
3:50 p.m.
Conservative
3:50 p.m.
Associate Head, Canadian Centre for Cyber Security, Communications Security Establishment
Do you mean in terms of the sectors, going into the specific results?
3:50 p.m.
Associate Head, Canadian Centre for Cyber Security, Communications Security Establishment
The sectors would be anything from, obviously, government. We have financial...we have the various sectors that are mentioned by Public Safety as well right across the board in terms of the—
3:50 p.m.
Conservative
Matt Jeneroux Conservative Edmonton Riverbend, AB
They'd have to be Canadian-based, Canadian-connected. Are they...? I guess, where—
3:50 p.m.
Associate Head, Canadian Centre for Cyber Security, Communications Security Establishment
Yes, absolutely, you're right. We look for incidents being reported from Canadian organizations within Canada. That's what we focus on and who we support through the cyber centre.
3:50 p.m.
Conservative
Matt Jeneroux Conservative Edmonton Riverbend, AB
In the last month you've had hundreds reported. Is that higher than in the last three years, or is this consistent with what you've seen?
3:50 p.m.
Associate Head, Canadian Centre for Cyber Security, Communications Security Establishment
I'm not sure of the last three years, but we're not seeing anything unusual in terms of the numbers. Cyber-threats have been consistent for years and years, and they have always been here, which is one thing we do want to stress. We have put out cyber-threat assessments talking about the threats to Canada from 2018, 2020.... This is something that we've dealt with on a regular basis. The threats tend to change over time.
The reporting is something we don't control, so I would hate to put too much emphasis on what is reported in terms of the general trend, but we're not seeing anomalous activity at this point in time, which I think is the—
3:50 p.m.
Conservative
Matt Jeneroux Conservative Edmonton Riverbend, AB
In my last 30 seconds—just to indicate I only have a short amount of time—this is for CBSA and Public Safety.
How many employees have been relieved of their duties due to perceived or actual involvement in foreign interference since 2015? If that number is zero, how many active investigations are ongoing?
3:50 p.m.
Vice-President, Travellers Branch, Canada Border Services Agency
I'm happy to start.
I'm not aware of any. I would have to verify on that front. Those are investigations that are normally undertaken by the RCMP. They'd probably be better positioned to speak about any insider threat type of activity that would have been investigated at the CBSA.
3:50 p.m.
Liberal
The Chair Liberal Peter Schiefke
Thank you very much, Mr. Vinette.
Mr. Chahal, the floor is yours. You have six minutes.
March 24th, 2022 / 3:50 p.m.
Liberal
George Chahal Liberal Calgary Skyview, AB
Thank you, Chair.
I first want to thank all the witnesses for their testimony and for joining us today.
I'll start my questions with you, Mr. Gupta. To your knowledge, where do most of the cyber-attacks or attempted attacks against Canada originate from?
3:55 p.m.
Associate Head, Canadian Centre for Cyber Security, Communications Security Establishment
Cyber-attacks can originate from anywhere in the world. Wherever they originate from doesn't necessarily represent where they're coming from. Threat actors are always trying to hide where they're coming from.
From our cyber-threat assessments in 2018 and 2020, we talked about the major threats facing Canada, the number one being cybercrime. There are many different cybercriminals out there, and that is the one that we identified as major. In addition to that, we highlighted the state-sponsored programs of China, Russia, North Korea and Iran. These are the threats we had indicated in terms of being the most significant threats to Canada.
3:55 p.m.
Liberal
George Chahal Liberal Calgary Skyview, AB
Which countries are the best at defending against cyber-attacks, and what can we learn from them? Do you have any specific examples that you can provide?
3:55 p.m.
Associate Head, Canadian Centre for Cyber Security, Communications Security Establishment
I don't know if there's a real assessment as to which country is the best. I know that in terms of the Government of Canada, we have a fairly significant cyber-defence program. It has been modelled in other parts of the world. We have divested technologies from Canada to other countries, such as the U.K. They have publicly stated that they've taken some of our host-based technology and implemented it.
I think we have a good program here. We certainly work closely with our Five Eyes partners to share notes and make sure that we are amongst the best in the world here.
3:55 p.m.
Liberal
George Chahal Liberal Calgary Skyview, AB
Do you see us as a global leader in defending against cyber-attacks?
3:55 p.m.
Associate Head, Canadian Centre for Cyber Security, Communications Security Establishment
I think across the Government of Canada, yes.
3:55 p.m.
Liberal
George Chahal Liberal Calgary Skyview, AB
Great. Thank you.
Mr. Schwartz, in your testimony you talked about public safety assessments and the impacts to our transportation, ports, and electrical grids. Have you seen Russian-backed hackers attack, or have you seen attempted attacks on our transportation infrastructure before, either here in Canada or in other countries?
3:55 p.m.
Acting Director General, Critical Infrastructure Directorate, National and Cyber Security Branch, Department of Public Safety and Emergency Preparedness
Mr. Chair, given the operational nature of the question, I would probably have to defer to my colleague at the Canadian Centre for Cyber Security, just based on the type of activities they monitor and the role they have there.
I'm afraid I can't speak to that in any detail.
3:55 p.m.
Liberal
George Chahal Liberal Calgary Skyview, AB
Can you talk a little bit—you did touch on these topics—about the assessments and the work you've done with regard to those sectors?
3:55 p.m.
Acting Director General, Critical Infrastructure Directorate, National and Cyber Security Branch, Department of Public Safety and Emergency Preparedness
Absolutely.
We have two programs. One that I mentioned is the regional resilience assessment program, or RRAP, as we call it. There is a physical security and a cybersecurity component to that. These are programs that, in the case of the RRAP, go out to all 10 CI sectors across the country in all regions of the country. It has done, as I mentioned, a number of assessments at various CI facilities. There is a very robust physical security assessment, which looks at the typical “guards, gates and guns” type of approach. It's a 1,500-question set that we use to sit down with CI owners and operators.
That is supplemented by what we call the Canadian cyber-resilience review. It's a cyber-based question set focusing on cyber hygiene and cybersecurity posture. In addition to that, we've onboarded a new tool this year called the network security resilience assessment, which is able to plug into the facility's networks and look for weaknesses and vulnerabilities. That's also being used by the Canadian Centre for Cyber Security. We are collaborating and liaising in that respect.
In addition to that, we undertake critical infrastructure impact assessments that look at cascading impacts across sectors. Again, we take an all-hazards approach to our work. If there is an earthquake, a flood or some other type of disruption—blockades are a good example from the last few weeks—we will look at the nature of the threat or the hazard and then look at other sectors where there will be a domino effect, if you will, in terms of interdependencies and impacts that might happen in other sectors with ultimately impacts on Canadians resulting from the disruptions to CI that deliver services to them.
3:55 p.m.
Liberal
George Chahal Liberal Calgary Skyview, AB
Thank you.
Mr. Gupta, would you like to have an opportunity to answer? Have we seen Russian-backed hackers attack or attempt to attack transportation or port infrastructure before, either here or abroad?
4 p.m.
Associate Head, Canadian Centre for Cyber Security, Communications Security Establishment
I'm not aware of the port activity that you talked about.
4 p.m.
Associate Head, Canadian Centre for Cyber Security, Communications Security Establishment
Transportation infrastructure is fairly broad. I would have to dig into my memory there to see exactly what has happened.