Latest news with #CommunicationsSecurityEstablishment
Vancouver Sun
a day ago
- Politics
- Vancouver Sun
Spy agency says it doesn't just go after extremists' computers. It also goes after their online reputation
OTTAWA — Canada's cyberintelligence agency doesn't just go after violent extremist group leaders' computers and networks, it also attacks their reputation, credibility and trustworthiness to undermine them, according to a new report. In its latest annual report published Friday , the Communications Security Establishment (CSE) offered new detail about what it does during an 'active cyber operation'. In other words, how CSE leads its minister of defence-approved campaigns meant to disrupt, influence or interfere with online threats posed by hostile actors like foreign states, organized crime or extremist groups. Start your day with a roundup of B.C.-focused news and opinion. By signing up you consent to receive the above newsletter from Postmedia Network Inc. A welcome email is on its way. If you don't see it, please check your junk folder. The next issue of Sunrise will soon be in your inbox. Please try again Interested in more newsletters? Browse here. The activities go well beyond the clichéd image of tech wizards in hoodies hacking into foreign threat actors' computers and wreaking havoc on their IT systems (though that also happens). In cases last year where CSE ran operations against violent extremist organizations, for example, the cyber-spy agency targeted the adversaries' online presence and reputation on top of their IT infrastructure. 'Using a multi-faceted approach that targeted VEOs' technical infrastructure and online presence, CSE conducted active cyber operations to damage the credibility and influence of key group leaders, reducing their ability to inspire and lead,' reads the report. The operations also aimed to 'weaken trust and reduce cohesion between leaders and followers, undermining the unity and strength of these organizations,' the report continues. Asked in an interview if CSE leads online disparagement campaigns against leaders of violent extremist organizations, Cyber Centre deputy head Bridget Walshe declined to go into detail. 'It's difficult for me to get into details about the actual techniques that are being used, because if we share those techniques, then that impacts them and the effectiveness decreases,' Walshe said. 'Violent extremism is a big one, because there is an immediate threat to Canada. So, what we've tried to do is highlight what the impact is' of CSE's cyber operations, she said of the latest report. In total, CSE says it was authorized to run four active or defensive cyber operations last fiscal year, including another that targeted the 10 biggest ransomware groups impacting Canada. In one case late last year, the agency detected a ransomware group targeting Canadians working in a critical infrastructure sector. Within 48 hours, the report reads, CSE's teams identified and notified victims and ran a cyber operation to disrupt the criminal group's activity. The spy agency also said that it helped identify legitimate businesses that were covertly supporting foreign governments' military, political and commercial activities meant to undermine the Canadian Armed Forces. Walshe declined to say if the businesses were Canadian or had a connection to Canada but noted that CSE's mandate does not allow it to act against Canadians. 'Our mandate in this sphere is foreign,' she said. Over the last fiscal year, CSE says it responded to 2,561 cyber security incidents affecting either the government of Canada or critical infrastructure providers. That's a 16 per cent increase compared to the previous year as hostile actors increasingly target Canada's critical infrastructure sectors such as energy, finance, food, water and manufacturing. CSE also says in the report that between 2020 and 2023, it improperly shared information about Canadians with international partners that had been acquired 'incidentally' while targeting foreigners. 'Corrective actions included placing strict limits on information sharing and seeking assurances from CSE's trusted partners that the shared information was deleted,' the agency said, adding that it also notified the minister of defence. The report does not detail how many Canadians were impacted or what information was improperly disclosed. Once again, CSE says the People's Republic of China is by far the most prominent threat to Canada's national security, engaging in activities ranging from espionage to intellectual property theft and transnational repression. China's targets are also vast and include government, civil society, media, the defence industry and the R&D sector. 'The People's Republic of China (PRC) operates, and continues to expand, one of the world's most extensive and dynamic security and intelligence systems,' reads the report. 'The PRC cyber program's scale, tradecraft and ambitions in cyberspace are second to none.' Russia is also a key threat actor and continues to conduct espionage, spread disinformation and run influence operations against Canadians. Unlike previous years, the 2024-2025 annual report does not mention North Korea and barely notes the cyber threat posed by Iran, though Walshe said both regimes remain problematic for Canada. 'They are both capable threat actors,' she said. 'We absolutely do see that those two states posing a continued threat to Canada, just not highlighted in this report.' National Post cnardi@ Our website is the place for the latest breaking news, exclusive scoops, longreads and provocative commentary. Please bookmark and sign up for our politics newsletter, First Reading, here .
Edmonton Journal
a day ago
- Politics
- Edmonton Journal
Spy agency says it doesn't just go after extremists' computers. It also goes after their online reputation
Article content OTTAWA — Canada's cyberintelligence agency doesn't just go after violent extremist group leaders' computers and networks, it also attacks their reputation, credibility and trustworthiness to undermine them, according to a new report. In its latest annual report published Friday, the Communications Security Establishment (CSE) offered new detail about what it does during an 'active cyber operation'. Article content In other words, how CSE leads its minister of defence-approved campaigns meant to disrupt, influence or interfere with online threats posed by hostile actors like foreign states, organized crime or extremist groups. The activities go well beyond the clichéd image of tech wizards in hoodies hacking into foreign threat actors' computers and wreaking havoc on their IT systems (though that also happens). In cases last year where CSE ran operations against violent extremist organizations, for example, the cyber-spy agency targeted the adversaries' online presence and reputation on top of their IT infrastructure. 'Using a multi-faceted approach that targeted VEOs' technical infrastructure and online presence, CSE conducted active cyber operations to damage the credibility and influence of key group leaders, reducing their ability to inspire and lead,' reads the report. Article content The operations also aimed to 'weaken trust and reduce cohesion between leaders and followers, undermining the unity and strength of these organizations,' the report continues. Asked in an interview if CSE leads online disparagement campaigns against leaders of violent extremist organizations, Cyber Centre deputy head Bridget Walshe declined to go into detail. 'It's difficult for me to get into details about the actual techniques that are being used, because if we share those techniques, then that impacts them and the effectiveness decreases,' Walshe said. 'Violent extremism is a big one, because there is an immediate threat to Canada. So, what we've tried to do is highlight what the impact is' of CSE's cyber operations, she said of the latest report. In total, CSE says it was authorized to run four active or defensive cyber operations last fiscal year, including another that targeted the 10 biggest ransomware groups impacting Canada. Article content In one case late last year, the agency detected a ransomware group targeting Canadians working in a critical infrastructure sector. Within 48 hours, the report reads, CSE's teams identified and notified victims and ran a cyber operation to disrupt the criminal group's activity. The spy agency also said that it helped identify legitimate businesses that were covertly supporting foreign governments' military, political and commercial activities meant to undermine the Canadian Armed Forces. Walshe declined to say if the businesses were Canadian or had a connection to Canada but noted that CSE's mandate does not allow it to act against Canadians. 'Our mandate in this sphere is foreign,' she said. Over the last fiscal year, CSE says it responded to 2,561 cyber security incidents affecting either the government of Canada or critical infrastructure providers. Article content That's a 16 per cent increase compared to the previous year as hostile actors increasingly target Canada's critical infrastructure sectors such as energy, finance, food, water and manufacturing. CSE also says in the report that between 2020 and 2023, it improperly shared information about Canadians with international partners that had been acquired 'incidentally' while targeting foreigners. 'Corrective actions included placing strict limits on information sharing and seeking assurances from CSE's trusted partners that the shared information was deleted,' the agency said, adding that it also notified the minister of defence. The report does not detail how many Canadians were impacted or what information was improperly disclosed. Once again, CSE says the People's Republic of China is by far the most prominent threat to Canada's national security, engaging in activities ranging from espionage to intellectual property theft and transnational repression. Latest National Stories
National Post
a day ago
- Politics
- National Post
Spy agency says it doesn't just go after extremists' computers. It also goes after their online reputation
OTTAWA — Canada's cyberintelligence agency doesn't just go after violent extremist group leaders' computers and networks, it also attacks their reputation, credibility and trustworthiness to undermine them, according to a new report. Article content In its latest annual report published Friday, the Communications Security Establishment (CSE) offered new detail about what it does during an 'active cyber operation'. Article content Article content Article content 'Using a multi-faceted approach that targeted VEOs' technical infrastructure and online presence, CSE conducted active cyber operations to damage the credibility and influence of key group leaders, reducing their ability to inspire and lead,' reads the report. Article content The operations also aimed to 'weaken trust and reduce cohesion between leaders and followers, undermining the unity and strength of these organizations,' the report continues. Article content Article content Article content 'It's difficult for me to get into details about the actual techniques that are being used, because if we share those techniques, then that impacts them and the effectiveness decreases,' Walshe said.
Yahoo
21-06-2025
- Politics
- Yahoo
Spy agency says it 'improperly' shared Canadians' data with international partners
One of Canada's intelligence agencies says it "improperly" shared information about Canadians that it had obtained "incidentally" with international partners. The Communications Security Establishment (CSE) shared some details about the incident after the intelligence commissioner — the quasi-judicial position that reviews the cyber spy agency's activities — flagged the case in his annual report tabled in Parliament earlier this week. CSE spokesperson Janny Bender Asselin told CBC News that last year the agency had to notify the defence minister "of an incident where CSE improperly shared information." "CSE identified an activity where, between 2020 and 2023, we shared some information with international partners without properly removing Canadian information that had been acquired incidentally when targeting valid foreign intelligence targets," she said. "CSE acted quickly to contain the issue." The CSE is considered one of Canada's intelligence crown jewels, responsible for intercepting and analyzing foreign electronic communications, launching cyber operations and defending the government's networks and critical infrastructure from attacks. Asselin said that included seeking assurances from CSE's trusted partners that the shared information was deleted. "We continue to update our policies and procedures to prevent reoccurrence," she said. CSE did not say how many Canadians were impacted or to which countries the information was shared, citing operational security. Details were shared with Intelligence Commissioner Simon Noël, who raised it in his recently published report. The commissioner is part of the chain of approval before CSE and its sister agency, the Canadian Security Intelligence Service (CSIS), can go ahead with certain intelligence-gathering and cybersecurity activities. CSE first needs to seek permission from the minister of defence — known as ministerial authorization — if the proposed action would otherwise break the law or potentially infringe on the privacy interests of Canadians. Under the law, ministerial authorizations must prove the activities are reasonable, necessary and that measures are in place to protect Canadians' privacy. The intelligence commissioner then provides a layer of oversight and either signs off on the mission, approves with conditions or denies the request outright. Noël also makes sure CSE remains compliant after receiving the green light and sticks to what was approved — which was not the case in this information-sharing matter. The commissioner's report doesn't include many details, citing national security. The case will be included in CSE's own annual report, which is expected later this month, said Asselin. Noël's report said he urged the intelligence agency to be as transparent about the incident as possible. It doesn't appear the individuals involved were alerted, although CSE said it reported the incident to its oversight and review bodies, including the Office of the Privacy Commissioner. "The disclosure of this incident involving CSE raises many serious concerns," said Matt Malone, director of the Canadian Internet Policy and Public Interest Clinic. The University of Ottawa professor said the findings justify many of the fears raised by civil society groups about the potential for inappropriate information in the Liberal government's cybersecurity bill. The first iteration of the bill died when the House prorogued earlier this year, and it was reintroduced by Prime Minister Mark Carney's government as Bill C-8. If passed, federally regulated industries would have to report cybersecurity incidents to CSE, meaning it would be in possession of more information. "All of this bodes very poorly for the state of privacy protection in Canada," Malone said. "Three of the eight government bills introduced so far in this Parliament are extremely privacy-corrosive." In 2024, the information commissioner received 13 ministerial authorizations for review — seven relating to CSE activities and six relating to CSIS activities. He approved the activities in 11 authorizations, approved the activities with conditions in one authorization and partially approved the activities in the other authorization.
CBC
06-03-2025
- Politics
- CBC
China, Russia will 'very likely' use AI to target Canadian voters: Intelligence agency
Social Sharing Canada's cyber intelligence agency is warning that countries including China, Russia and Iran will "very likely" lean on artificial intelligence to try and interfere in the upcoming federal election and mislead voters. In a report assessing threats to Canada's democratic process in the upcoming year, the Communications Security Establishment (CSE) said those known hostile actors are looking to use AI to fuel disinformation campaigns or launch hacking operations. While the 28-page document suggests the threats are real and evolving, CSE does stress that it believes it's "very unlikely" that AI-enabled activities will "fundamentally undermine the integrity of Canada's next general election." It said these actors "are most likely to use generative Al as a means of creating and spreading disinformation, designed to sow division among Canadians and push narratives conducive to the interests of foreign states," wrote the agency in its report, released Thursday morning. "Canadian politicians and political parties are at heightened risk of being targeted by cyber threat actors, particularly through phishing attempts." Generative AI is the technology powering popular tools like ChatGPT that are trained on huge amounts of data to generate a response to a wide range of requests from a user. The report focuses on the rapidly evolving and increasingly affordable technology. There are generative AI tools that can create text, images, computer code, music or video, and others can quickly sort and analyze data. Only some of those tools have applied strict guardrails for their use. Parties hold troves of data CSE says Canadian politicians and political parties are likely to be targeted by threat actors seeking to conduct hack-and-leak operations, where stolen information is put online to cause harm or embarrassment. The intelligence agency says foreign actors could easily use generative AI to engage with targets as part of an extended phishing operation to breach their networks. Some nation states, including China, have already amassed billions of data points on politicians, public figures like journalists and citizens around the world typically through open-source acquisition, covert purchase and theft, says the report. WATCH | Can you spot the deepfake? How AI is threatening elections: Can you spot the deepfake? How AI is threatening elections 1 year ago Duration 7:08 "Canadian political parties hold terabytes of politically relevant data about Canadian voters as do commercial data brokers," the report notes. That data can be harnessed to run targeted personal influence or espionage campaigns, says CSE, which is responsible for monitoring foreign signals intelligence and is the lead on Canada's cyber operations. "We assess foreign actors are almost certainly attempting to acquire this data, which they can then weaponize against Canadian democratic processes," reads the report. Chances of an early election growing CSE does say it's unlikely that hostile actors will carry out a destructive cyberattack against election infrastructure, such as attempting to paralyze telecommunications systems on election day, "outside of imminent or direct armed conflict." It said the People's Republic of China is the most likely to deploy its vast AI capabilities to push narratives favourable to its interests and spread disinformation among Canadian voters, in particular "Chinese-diaspora communities." CSE suggests Russia and Iran see the Canadian election as a lower priority target compared to the U.S. and U.K. It's a virtual certainty that Canadians will find themselves at the ballot box this spring. The Conservatives, who are still leading in the polls but have seen their dominance slip in recent weeks, have been adamant about their plans to bring down the government at the first opportunity after Parliament returns March 24. The NDP has also said it would topple the Liberals, but is now suggesting the House of Commons reconvene for an emergency session to pass a support package for workers impacted by the trade war first. There's also a chance an election is called before Parliament returns, depending on the outcome of Sunday's Liberal leadership convention. Perceived front-runner Mark Carney hasn't said publicly whether he'd call a snap election. His main rival, former finance minister and Liberal MP Chrystia Freeland, promised Wednesday to consult with premiers and business and union leaders as her first act if she becomes prime minister on whether to call a federal election. Thursday's CSE report is an update to an assessment it put out in 2022 looking at threats to Canada's democratic institutions, including the use of deceptive deepfakes — hyper-realistic generated images and videos — to fool voters. The updated threat assessment echoes those early warnings and points to the troubling trend of deepfake pornography. "Canadian public figures, especially women and members of the 2SLGBTQI+ community, are at heightened risk," said the report, which could "deter participation in democracy for those targeted." The warning follows a report from the foreign interference inquiry, which investigated cases of meddling in Canada's elections.
