The Canadian electronic intelligence agency says it has used its arsenal to try to prevent foreign extremists from recruiting Canadians and sharing violent material online.
The recognition is found in the Communications Security Center’s annual report released Tuesday, which points to recent cases in which it flexed its cyber muscles.
While the details are largely disinfected in the report, the examples shed some light on how the foreign signal intelligence agency has been using the “active” cyber capabilities granted to it by the government. liberal in 2019.
CSE has defensive capabilities and so-called “active” capabilities, which allow it to disrupt foreign online threats to Canada’s system.
In its report Tuesday, CSE said it has used its active cyber operations capabilities to disrupt the efforts of overseas-based extremists to “recruit Canadian nationals, operate online and disseminate violent extremist material.”
“I can’t talk about the specific details of the operation, I can say that the CSE in our foreign intelligence program and in our cyber program is concerned about extremism of any kind, whether for religious or ideological reasons,” Dan Rogers, associate chief. in the agency, he told CBC News.
“If violent extremist organizations tried to use an online platform to recruit Canadians or to disseminate material online, preventing it from working as intended would be an element of disruption in which we would participate under the mandate of cyber operations abroad.” .
The annual report also said it has activated these active powers to help the Canadian Armed Forces in support of “its mission,” although few more details are provided.
The Communications Security Center complex in Ottawa. The cybersecurity agency is mandated to intercept and analyze electronic communications and other foreign signals to inform the Canadian government about the activities of foreign entities that seek to undermine Canada’s national security. (Sean Kilpatrick / Canadian Press)
The agency has said it has supported the army in Ukraine and Eastern Europe, as well as its missions in Iraq, Jordan and Lebanon.
As previously reported, CSE has also acknowledged that it has used its cyber operations on cybercriminals “to impose a cost on the people behind such incidents.”
“CSE has embarked on a long-term campaign designed to reduce the ability of cybercrime groups to target Canadians, businesses and Canadian institutions,” the annual report says.
Millions of budget to strengthen operations
Rogers said the campaign “is starting to take effect.”
CSE said it expects to run more long-term operations now that the Liberals have promised millions of dollars to the agency in this year’s budget.
Rogers said earlier that they carried out these activities reassigning internal resources.
“That’s why we’ve been successful in recent years, but they’ve been limited by the number of resources,” he said.
“If we have the capacity to take the infrastructure of threat actors offline before it affects Canadians, before it causes significant damage to Canada, this is what we will try to achieve,” Rogers said.
The report said that before the 2021 election, the CSE had its authorities in defensive cyber operations in the event of a malicious cyber threat against the electronic infrastructure used by Elections Canada.
According to the 2021/22 report, the federal Minister of Defense issued three authorizations for cyber operations abroad: two active and one defensive.
The Minister of Defense may authorize an active operation, with the consent of the Minister of Foreign Affairs, if the action is considered reasonable, proportionate and if the objective cannot be reasonably achieved otherwise.
There are restrictions: the action cannot cause bodily harm, target Canadians or interfere with democracy.
Intelligence aid in Ukraine
The 2021/22 report also talks briefly about how the foreign signal intelligence agency has responded to the Russian invasion of Ukraine. CSE is mandated to intercept and analyze electronic communications and other foreign signals to inform the Canadian government of the activities of foreign entities that seek to undermine Canada’s national security.
The agency said it has been providing “timely and relevant foreign signal intelligence reports.
“For example, we supported the repatriation operations of Ukrainian Canadian diplomatic personnel by providing information on possible risks affecting them,” the report said.
“We continued to provide technical and operational assistance to Operation UNIFIER, the mission of the Canadian Armed Forces in support of Ukraine. This included the exchange of intelligence and support for cybersecurity.”
CSE said it has also tracked Russia-backed war-related disinformation campaigns in Ukraine, including anti-Semitic, anti-LGBTQ, anti-immigrant and anti-globalist conspiracy theories, false stories about Canadian forces committing crimes of war, misinformation about NATO allies and claims that the US established military bio-laboratories in Ukraine.
Ukrainian soldiers travel in an armored personnel carrier on a road in the eastern Luhansk region on June 23, 2022. (Anatolii Stepanov / AFP / Getty Images)
Last year, CSE said it reported on a number of foreign-based threats, including cyber threats from hostile states, espionage, disinformation campaigns, kidnappings of Canadians abroad, the terrorism and extremism, including ideologically motivated violent extremism and threats to Canadians and Canadian forces abroad.
Rogers would not say whether the kidnappings mentioned in the report concerned the arrest of Michael Spavor and Michael Kovrig, who were released from detention in China last year after 1,019 days. His arrests were seen as retaliation for the arrest of Huawei telecommunications executive Meng Wanzhou in Vancouver in 2018.
“I wouldn’t want you to read any specific cases because we can’t talk about those cases. But certainly a big part of our foreign intelligence mandate is to protect Canadians when they’re in danger, wherever they are. world, ”he said.
The report said it also shared information on foreign signals with Global Affairs Canada and the armed forces to help transport Canadians out of Kabul after the Taliban returned to power in Afghanistan last summer.
The intelligence commissioner, the person intended to provide external oversight independent of CSE’s external intelligence and cybersecurity permits, has at times rejected the links used by the minister to justify the agency’s permits.
According to CSE report 2021/22, National Defense Minister Anita Anand has issued three authorizations for cyber operations abroad: two active and one defensive. (Chad Hipolito / The Canadian Press)
In 2019 Jean-Pierre Plouffe wrote that some ministerial conclusions “were insufficient or non-existent”.
Last year Plouffe approved four of the five Minister of Defense authorizations.
He considered the two cyber security clearances reasonable. He also received three foreign intelligence clearances, necessary for activities such as intercepting private communications, and considered two reasonable and one “partially reasonable.”
“The intelligence commissioner felt more information was needed to make a reasonable decision there. And that’s something we respect and will work on in advance,” Rogers said.