The Canadian military’s new cyber defense plan is aimed at threats from outside, and within
The Canadian Armed Forces is finally upping its game in the realm of cybersecurity — bolstering its shields against nation-state actors like Russia and China, malicious hacker groups, and “insider threats” that may be looking to follow in Edward Snowden’s footsteps.
In a pair of documents published Friday, the Canadian military is asking industry to submit ideas on how they can assess and respond to cyber threats in real-time.
Under the Defensive Cyber Operations Decision Project, which will ultimately culminate in a plan that will be submitted to the federal government, the Department of National Defense will be looking at capabilities that will allow the military to “operate effectively in cyberspace on government-authorized military missions, to support our federal partners in national cyber security efforts, and to work with international allies,” according to a departmental spokesperson.
Cyber defense is obviously top-of mind right now, as the American intelligence community stands behind the fact that the results of the presidential election were directly affected by Russian hacking, and with revelations that Russia had targeted the Joint Chiefs of Staff.
Canada is no stranger to state-based hacking. A VICE News report revealed earlier this year that Canada faces 25 sophisticated attacks per day, likely launched by state-backed hackers.
“The future security environment will require a level of domestic integration among agencies that does not exist at the present time.”
The request for information published Friday does ask industry to propose technology that can “hunt for APTs” — referring to Advanced Persistent Threat hacks, which are often complex hacks organized by nation-state hackers.
The documents also ask for technology that can help identify “insider threats,” seemingly an allusion to those with access to government systems who might be looking to either sell or publish sensitive data from within military systems.
The project will bring in software, hardware, and training that will help the military collect and store data about domestic and international cyber threats, run forensic analysis of that information, and to create predictive systems that can analyze and alert to possible incoming threats.
Those systems will largely boost the already-growing cyber operations centres run by the department.
“Cyber threats are increasing in both numbers and sophistication, and a growing number of state and non-state actors of concern have already developed and employed cyber capabilities that can be used for intrusive, disruptive or offensive purposes. Our key priorities are to continue to develop [Department of National Defense/Canadian Armed Forces] cyber capabilities and workforce,” the spokesperson added.
The new cyber defense plan will be able to operate abroad, to ensure that foreign militaries or governments won’t be able to access Canadian systems during battle. “The [Canadian Armed Forces] of the future must be a multi-role, combat capable force that can perform a broad range of tasks and operate in all engagement spaces (land, maritime, air, space, and cyber),” the documents read.
It’s how the plan might work in Canada that is particularly interesting.
“Domestic (routine and contingency) operations might involve assisting civil authorities in responding to natural disasters, cyber-attacks, terrorist attacks, crises in urban centres, threats to critical infrastructure, risks to health and food systems, or Chemical, Biological Radiological or Nuclear (CBRN) attack,” the document reads.
“Owing to the potential for an increase in domestic threats, [the Department of National Defense/Canadian Armed Forces] as a whole needs to become more integrated within the domestic response community — in particular, the security and intelligence sectors. In particular, the future security environment will require a level of domestic integration among agencies that does not exist at the present time.”
Canadian intelligence-watchers have, for years, noted an uptick in domestic activity amongst Canadian military intelligence units — which, traditionally, do not run national intelligence-gathering. This journalist reported in 2014 that military counter-intelligence kept tabs on Indigenous protesters, perhaps countering their own mandate. More recently, the Ottawa Citizen reported that military intelligence conscripted the Communication Security Establishment to track a Canadian within the country.
The Communication Security Establishment, the signals intelligence agency that works hand-in-hand with the American NSA, does not appear to be covered by this cyber defense strategy. That agency does not have authority to do surveillance inside Canada, unless specifically mandated to by another department.
A guide to planned spending for the Department of National Defense says the Cyber Operations Decision Support Project is expected to cost between $50 million and $99 million.
Cover: Photo via Canadian Forces Combat Camera, DND