Hackers 'constantly probing' federal computers, CSEC chief says
Malicious hackers are "constantly probing" federal computer systems so they can break in and steal coveted information, says the head of Canada's electronic spy agency.
Communications Security Establishment Canada chief John Forster says the revelation this week that a Chinese state-sponsored player infiltrated the National Research Council's computer network shows Canada is not immune from such aggression.
China has vehemently denied involvement in the cyberattack, accusing Canada of making baseless accusations.
But Forster used the attack on the research council — whose specialists study everything from aerospace technology to crop science — to defend CSEC's role in protecting federal computers.
"These malicious actors are constantly probing Government of Canada systems and networks for weaknesses so that they infiltrate them and steal valuable information," Forster wrote in a letter to the editor of the Globe and Mail.
"When we detect emails or other communications that contain malware or other threats, we block, collect and analyze them. And, we work with appropriate departments to take action to neutralize the threat."
Snowden leaks raised questions
The spy service takes strict measures to protect the privacy of Canadians in doing such work, Forster insisted.
CSEC employs mathematicians, codebreakers, linguists and software experts with the aim of both collecting foreign secrets and shielding Canada's confidences from prying eyes.
Leaked revelations from Edward Snowden, a former U.S. intelligence contractor, have raised questions about the CSEC's surveillance activities, which include monitoring foreign email and telephone communications for information of intelligence interest to Canada.
The intrusion at the National Research Council, and the government's public declaration of CSEC's role in detecting it, underscore the agency's defensive work in cyberspace.
CSEC says it cannot monitor global communications in the modern era of Internet-based traffic without sweeping up at least some Canadian information.
As a result, the defence minister specially authorizes CSEC's cyberdefence efforts. Otherwise, these activities would risk violating the Criminal Code provision against intercepting private Canadian communications.
The agency doesn't keep personal information about Canadians if the material is considered irrelevant to protecting networks, Forster said in the letter to the Globe.
However, the spy agency has acknowledged that it maintains an information bank containing the personal information of "potentially any individual" who communicates electronically with a key federal computer network while CSEC is assessing its vulnerability.
For instance, the personal information of a Canadian might be kept if a foreign cyberattacker engages in phishing — an attempt to compromise a government department's system by sending a carefully crafted email that appears to originate from a known or trusted sender, the spy agency says.