Good afternoon.
Thank you, Mr. Chair and members of the committee for the invitation to appear today to discuss Canada’s preparedness to respond to Russian threats to Canadian waters, ports and airspace.
My name is Rajiv Gupta and I am the associate head of the Communications Security Establishment's Canadian Centre for Cyber Security, which we more commonly refer to as the cyber centre.
CSE, reporting to the Minister of National Defence, is one of Canada's key intelligence agencies and the country's lead technical authority for cybersecurity. The cyber centre is a branch within CSE and a single point of expertise on technical and operational cybersecurity matters. We defend the Government of Canada, share best practices to prevent compromise, manage and coordinate incidents of importance and work to enable a secure digital Canada.
Canadian cyber systems inside and outside of government hold information and personal data that is critical to Canada's prosperity, security and democracy. Canadian cyber systems are also essential to critical infrastructure operations. It is critical that these systems are protected, and I can assure you that CSE and its cyber centre recognize this importance.
While I can't speak to our specific operations in this setting, I can confirm that we have been tracking cyber-threat activity associated with the current Russian invasion of Ukraine. We know that Russia has significant cyber capabilities and a demonstrated history of using them irresponsibly. The NotPetya destructive malware of 2017 is an example of this behaviour and illustrates how a cyber-attack on Ukraine can have international consequences.
As the situation evolves, CSE continues to monitor the cyber-threat environment in Canada and globally, including cyber-threat activity directed at critical infrastructure networks and operational and information technology systems.
For Government of Canada networks, we have the tools in place to monitor, detect and investigate potential threats and to take active measures to protect and defend against them. For Canada, we have issued unclassified threat bulletins urging Canadian critical infrastructure operators to be aware of the risks and to implement mitigations against known Russian-backed cyber-threat activity.
We strongly encourage all Canadian organizations to take immediate action, increase organizational vigilance and bolster their online cyber-defences. We also encourage all Canadians to visit getcybersafe.gc.ca, and all businesses to visit cyber.gc.ca to learn more about our best practices that can be applied to protect them from cyber-threats.
Ransomware poses a significant threat to Canadian organizations. Its impacts can be severe, including business downtime, permanent data loss, intellectual property theft, privacy breaches, reputational damage and expensive recovery costs. We are calling on Canadian organizations to implement the best practices specified in the ransomware playbook put out by the cyber centre.
In addition to public advisories and guidance, the cyber centre continues to share valuable cyber-threat information with Canadian critical infrastructure partners via protected channels. This information includes indicators of compromise, threat mitigation advice and confidential alerts regarding new forms of malware and other tactics, techniques and procedures being used to target victims.
Within government, CSE has been sharing valuable cyber-threat intelligence with key partners supporting Ukraine. CSE continues to support the Department of National Defence and the Canadian Armed Forces on measures to support enhanced intelligence co-operation, cybersecurity and cyber-operations.
Members, as geopolitical tensions continue to rise, I want to assure you that CSE is constantly working to help address foreign and cyber threats facing Canada,
and we will continue to do so.
I'll be happy to answer any questions you may have.
Thank you.