Mr. Speaker, as part of its mandate, Communications Security Establishment Canada, CSE, protects electronic information and information infrastructures that are of importance to the Government of Canada, helping to thwart criminal or state-sponsored cyber threat activity targeting our systems. Every day, CSE uses its sophisticated cyber capabilities and technical expertise to identify and defend against threats to Canada’s information systems and networks, and to take active measures to address them.
The definition of the term “cyberattack” is highly variable. CSE uses the term “malicious cyber attempts” to capture unsuccessful attempts to identify vulnerabilities and penetrate a system. CSE does not track disaggregated statistics regarding malicious cyber attempts on government servers or websites. However, as outlined in the recently released 2023-2024 Annual Report, CSE’s Canadian Centre for Cyber Security, known as the cyber centre, blocked an average of 6.6 billion potentially malicious actions a day ranging from routine scans to sophisticated intrusion attempts.
When a cyber incident occurs, responding rapidly and taking the right steps can significantly reduce the potential harm and speed up the recovery process. The cyber centre’s definition of a cyber incident covers a wide range of attempted threat activity, whether successful or not. During 2023-24, the cyber centre helped respond to 2,192 cyber security incidents across the Government of Canada and Canadian critical infrastructure. This is slightly more than the previous year.
CSE and its cyber centre generally do not comment on cyber incidents. However, since January 1, 2021, CSE has publicly acknowledged its involvement in supporting government partners who have experienced cyber incidents. On January 19, 2022, a cyber incident was detected against Global Affairs Canada, or GAC. CSE and its cyber centre, in conjunction with government partners including the Treasury Board Secretariat’s Office of the Chief Information Officer and Shared Services Canada, worked together to respond to the incident. In March 2022, CSE and its cyber centre worked with the National Research Council in response to a cyber incident. In October 2022, CSE and its cyber centre worked with the IT branch of the House of Commons Administration in response to a cyber incident. The cyber centre provided cyber security assistance and support to ensure that critical services for parliamentarians and House of Commons staff remain functioning. In September 2023, CSE and its cyber centre reported several distributed denial of service campaigns, also known as DDoS campaigns, targeting the Government of Canada, provinces and territories, as well as the financial and transportation sectors. The cyber centre worked with government partners and supporting organizations outside the government as well. In January and February 2024, CSE and its cyber centre worked with colleagues at GAC as they managed a cyber incident. In February 2024, CSE and its cyber centre worked with colleagues at the Royal Canadian Mounted Police, the RCMP, as they managed a cyber incident. In March 2024, CSE and its cyber centre worked with colleagues at the Financial Transactions and Reports Analysis Centre of Canada (FINTRAC) and Global Affairs Canada as they managed a cyber incident.
Given the constantly evolving threat environment in which CSE operates, for reasons of national security, CSE is unable to provide any additional information. Releasing the requested detailed information would allow hostile actors to gain insights into our security and processes that would jeopardize CSE’s operations, thereby compromising national security.