Parliamentary Committee Notes: Cyber Security and Protecting Canada's Critical Infrastructure

Issue

Protecting critical infrastructure against cyber threats from hostile state actors and cybercriminals is an essential component of cyber security and resilience, which is vital to national security and public safety.

Proposed Response

Malicious cyber activities targeting the cyber systems that underpin critical infrastructure are a constant concern for businesses, individuals, and governments in Canada.

The evolving threat environment, including hostile activities by state actors, the ongoing Russian invasion of Ukraine, extreme weather events, supply chain disruptions, and the pandemic have shown that we must continue to develop new approaches to critical infrastructure security and resilience.

The Government of Canada takes the security and resilience of our critical infrastructure seriously. Since 2018, Canada's National Cyber Security Strategy has been the roadmap for Canada's path forward on cyber security and has inspired steady progress in the development of resilient systems, innovation, and national cyber coordination and collaboration.

The Government of Canada is working to enhance the cyber security of the country's critical infrastructure through the identification of cyber threats and vulnerabilities, and by preparing for and responding to cyber incidents.

For example, Public Safety Canada's Cyber Security Assessment tools help owners and operators of Canada's critical infrastructure evaluate their cyber security maturity against established benchmarks and by peer comparison, while also offering concrete guidance on how they can become more cyber-resilient.

The Communications Security Establishment's Canadian Centre for Cyber Security works with other levels of government, the private sector, and academia to enhance the cyber resilience of critical infrastructure in Canada.

The Cyber Centre shares valuable cyber threat information, best practices, and technical guidance with Canadian critical infrastructure owners and operators.

The Cyber Centre also develops threat assessments and provides public and targeted advisories to analyze threats facing critical infrastructure owners and operators and share strategies to mitigate them.

Public Safety Canada and the Cyber Centre are also partners in delivering programming focused on protecting industrial control systems for critical infrastructure, which refer to the devices and software that operate or automate processes at facilities such as waste water treatment plants and power stations.

The Industrial Control System Security Symposium series for critical infrastructure stakeholders, as well as online foundational security awareness sessions and technical workshops on cyber incident awareness and handling, are examples of this technical guidance.

Public Safety Canada also coordinates, delivers, and/or participates in exercises for the critical infrastructure community to test and develop capabilities to respond to, and recover from, threats and hazards, including malicious cyber activities. More broadly, the Department promotes communication and collaboration with the critical infrastructure community to raise awareness of cyber threats and risks, including with our international partners.

Background

Cyber Security Strategy

Canada's National Cyber Security Strategy (NCSS), published in 2018, has three primary goals – secure and resilient Canadian systems; an innovative and adaptive cyber ecosystem; and effective leadership, governance, and collaboration. The subsequent National Cyber Security Action Plan (2019-2024) lays out the specific roadmap that will allow for the realization of the NCSS' goals.

In the December 2021 mandate letter, the Minister of Public Safety was asked, alongside the Ministers of National Defence, Foreign Affairs, Innovation, Science and Industry, and other implicated Ministers, to develop and implement a renewed NCSS which will articulate Canada's long-term strategy to protect our national security and economy, deter cyber threat actors, and promote norms-based international behaviour in cyberspace.

Industrial Control Systems

There has been a global rise in the number of cyber incidents affecting industrial control systems (ICS) which are devices and software that operate or automate processes at many critical infrastructure (CI) facilities. This is significant as malicious cyber activities targeting these critical systems can cause physical consequences and disruptions to essential assets and services. As part of the aforementioned National Cyber Security Action Plan, Public Safety Canada, in collaboration with the Canadian Centre for Cyber Security, is leading on several initiatives that enable CI owners and operators to better secure their systems and information.

Public Safety Canada and the Canadian Centre for Cyber Security work to enhance the cyber security of ICS by raising awareness of risks to these systems and enhancing the capabilities of ICS operators through symposiums and technical workshops.

In addition, Public Safety Canada worked closely with the Canadian Centre for Cyber Security (Cyber Centre) to develop the Canadian Cyber Security Tool (CCST and CCST 2.0), which provides Canadian CI organizations with an easy-to-use, online self-assessment tool to strengthen their cyber security posture.

Cyber Security Exercises

Public Safety Canada coordinates and participates in national and international cyber security exercises to strengthen readiness and response efforts to potentially disruptive physical and cyber-based events. Through these exercises, CI owners and operators are able to validate their plans, procedures, and processes that enable response, recovery, and continuity of essential services. For example, in the Fall of 2021, Public Safety Canada organised the Cy-Phy Exercise Pilot Initiative which examined the interconnectedness between the cyber and physical realms through a series of cyber and physical security related building-block activities and culminated in a large-scale functional capstone exercise that was delivered in October 2023.

Foreign Interference

Canada has seen an increase in the frequency and sophistication of hostile activities by state actors (HASA) including by the People's Republic of China (PRC), the Russian Federation, and others seeking to advance their political, economic and security interests to the detriment of Canada's. Foreign states leverage these activities to advance their strategic interests including: seeking geopolitical influence, economic advancement, revision of the rules-based international order, domestic stability, and military advantage. These activities can be directed at Canadians, or residents of Canada, or against Canadian institutions to advance their strategic interests at the expense of our national interests and values.

Through its mandate to investigate threats to the security of Canada, including foreign interference, CSIS has seen multiple instances of foreign states targeting Canadian institutions and communities. As well, the RCMP is aware that illegal state-backed activities are committed against Canadians and Canadian interests, and investigates these activities further to its mandate. The scope of potential HASA activities can be broad, encompassing a range of techniques that are familiar to intelligence agencies. These include human intelligence operations, the use of state-sponsored or foreign influenced media and disinformation campaigns, and the use of sophisticated cyber tools.

Russian Threat

In light of Russia's invasion of Ukraine, the Communications Security Establishment and its Cyber Centre have strongly encouraged all Canadian organizations, including CI, to take immediate action to bolster their online defences. Canada's Allies have attributed multiple incidents of malicious cyber activities targeting Ukrainian CI sectors to Russia; Canada has issued statements of support, condemning these activities. Russia has significant cyber capabilities and a demonstrated history of using them irresponsibly.

In February 2023, the Cyber Centre published an alert regarding the risk of malicious cyber activity against Ukraine-aligned nations. The alert specifically warns Canadian organizations and critical infrastructure operators to be prepared for the possible disruption, defacement, and attempted exploitation of Canadian network assets by cyber threat actors aligned with Russian interests. It also recommends actions organizations can take to mitigate risk.
