Friday, April 19, 2019

Another "secret" revealed

In February 2007, CSE Chief John Adams revealed that "in the time between the end of the cold war and 2001, CSE’s reporting concentrated mostly on prosperity issues."

But the agency did not entirely abandon its Cold War-era targets, as this slide from an NSA presentation on its Second Party partners confirms.

The presentation can be found in this document (pages 85-94), part of a set of documents recently released by the U.S. government to Privacy International and Yale Law School’s Media Freedom & Information Access Clinic. Although undated, the presentation appears to come from around 1993, give or take a year or so.

As can be seen, the first item listed under "Targets" on the slide — CIS — is unredacted. CIS, of course, is the Commonwealth of Independent States, the loose association of former Soviet republics that arose out of the ashes of the Soviet Union.

There's nothing at all surprising about the fact that CSE was monitoring targets within the CIS in the 1990s. The Soviet Union was CSE's primary target during the Cold War, and the expertise and language skills of its staff remained dominated by that legacy for many years afterwards.

And there was a lot that was worth watching in the CIS area in the immediate post-Soviet years, not the least being the fate of the former Soviet nuclear arsenal, which ended up scattered among four independent states in the wake of the break up. There's still a lot worth watching.

What is a bit surprising, however, is that the CIS's identity as a CSE target was left unredacted in this release. Of the four agencies described in the presentation (GCHQ, DSD, GCSB, and CSE), this is the only unredacted item on any of the target lists.

— Which if nothing else reinforces the absurdity of redacting the even more obvious fact that Canada monitors the communications of Russian military aircraft that approach North American airspace.

Wednesday, April 10, 2019

Psst. It's the Russians!

The photo above shows the Deputy Commander of NORAD presenting a commemorative plaque to CFS Leitrim thanking our SIGINT folks for their "outstanding operational support critical to the NORAD mission and unwavering dedication to perimeter security". Featured on the plaque is a photo of a Russian Tupolev BEAR under escort by NORAD fighters.

Considering that such intercepts have been freely publicized by Canada and the U.S. for the last 60 years or so, I suspect the fact that Russian aircraft are normally the ones involved will not come as a huge surprise to the Canadian public or indeed anyone else — and especially not to the Russians, who after all are typically the guest of honour on these occasions.

I'm just going to leave this here for the benefit of whatever blinkered securocrat decided that the nationality of these aircraft is some kind of national secret that needed to be redacted from the report of the National Security and Intelligence Committee of Parliamentarians (NSICOP) released yesterday:

Despite the occasional incomprehensible redaction (and a substantial number of other, sometimes understandable, ones), there's a lot of interesting material in the 140-page NSICOP report, which is the first annual report that the new committee has produced.

It's unfortunate therefore that the PDF provided by the government isn't electronically searchable. Compiling the document from scanned images was probably a security measure designed to guarantee that no redacted information can be recovered from the final document. That's sensible enough.

But it is possible to OCR the document afterwards to make it user-friendly as well as secure. It's not that hard.

As a public service, I hereby offer for free download what apparently no one in government thinks is possible, or at least worth doing: a searchable version of the report.

Update 13 April 2019:

For a valuable commentary on the NSICOP report itself, see Stephanie Carvin, "A much-needed review of Canada’s security and intelligence operations arrives," Open Canada, 12 April 2019.

Monday, April 08, 2019

Cyber Threats to Canada's Democratic Process report updated

CSE released the 2019 update to its report on Cyber Threats to Canada's Democratic Process today. (See post on the original 2017 report here.)

As with the 2017 document, the report discusses the kinds of cyber threats Canadian democracy is likely to face but does not name specific actors, other than to cite a few publicly known cases as examples. It looks at three ways in which cyber activities might be used to affect the electoral process: impeding or corrupting the election process itself; stealing and exploiting information about politicians and political parties; and working covertly to influence voters' opinions and behaviours. (The last category is a slightly retooled version of the 2017 category, which focused on "the media".)

The report also provides some new and very interesting data on the ways these kinds of threats to democratic processes have been changing around the world over recent years.

According to CSE,
The proportion of national elections targeted by foreign cyber threat activity has more than doubled since 2015. When looking at economically advanced democracies similar to Canada, such as members of the Organization for Economic Cooperation and Development (OECD), Figure 5 below shows that the proportion of elections targeted by cyber threat activity has more than tripled. In fact, half of all OECD countries holding national elections in 2018 had their democratic process targeted by cyber threat activity.
The agency also reports that
voters now represent the single largest target of cyber threat activity against democratic processes, accounting for more than half of global activity in 2018. This shift seems to have started in 2016, which is likely due in part to the perceived success among cyber threat actors of Russia’s cyber interference activity against the 2016 United States presidential election.
Both sets of trend data were compiled by CSE using both open source and classified information. I'm not aware of anything comparable published by anyone else (not that I necessarily would be), so the report might be useful for other countries looking to assess trends in this area as well.

It would be interesting to know more about the quantity and quality of the data used and other methodological issues.


The main conclusions presented in the report are that 1) some degree of foreign cyber interference is very likely to be present in the 2019 election and 2) the primary focus of such activities is very likely to be influencing voter ideas and decisions:
We judge it very likely that Canadian voters will encounter some form of foreign cyber interference related to the 2019 federal election. However, at this time, it is improbable that this foreign cyber interference will be of the scale of Russian activity against the 2016 United States presidential election.

We judge it very likely that foreign cyber interference against Canada would resemble activity undertaken against other advanced democracies in recent years. Foreign adversaries have attempted to sway the ideas and decisions of voters by focusing on polarizing social and political issues, promoting the popularity of one party over another, or trying to shape the public statements and policy choices of a candidate.
This is valuable to know, even if it's probably not going to surprise anyone who has been paying attention to these issues.

The key question is, how many people actually are paying attention?

The only really effective defence we are likely to be able to build against the folly and nonsense — whether foreign or domestic in origin — that so frequently flashes across our phones and computer screens these days is a public that has mustered the wit and the will to apply the critical thinking skills needed to separate signal from noise.

This report may help a little in that regard, but it is not (nor was it designed to be) a plan to help create that more enlightened and capable citizenry.

We're still waiting for that plan, but in the meantime it would help if we had a political class that consistently called out and denounced hateful nonsense rather than retweeting, pandering, or dogwhistling to it.

News coverage:

Jim Bronskill, "Canada can expect election meddling, but not on scale seen in U.S.," Canadian Press, 8 April 2019.

Rachel Aiello, "Foreign interference in 2019 election 'very likely': report," CTV News, 8 April 2019.

Alex Boutilier, Marco Chown, Craig Silverman & Jane Lytvynenko, "Canadian political parties already targeted by foreign hacking, electronic spy agency says," Toronto Star, 8 April 2019.

Janice Dickson, "Foreign interference ‘very likely’ in Canada’s 2019 election, federal security agency warns," Globe and Mail, 8 April 2019.

Catherine Tunny, "Canadians, politicians targeted by foreign interference, electronic spy agency says," CBC News, 8 April 2019.

Amanda Connolly, "Canada likely to face foreign meddling in election but unlikely on scale of 2016 Russian interference: report," Global News, 8 April 2019.

Ian Austen, "Canada, Rebuking Tech Giants, Braces for Possible Election Interference," New York Times, 8 April 2019.

You can also watch the press conference with Democratic Institutions Minister Karina Gould, Defence Minister Harjit Sajjan, and CSE Chief Shelly Bruce that accompanied the release of the report here.

Tuesday, March 26, 2019

ATIPical story: U.S. releases partial CANUSA appendices

Another milestone has been reached in the effort to piece together the CANUSA agreement, the 1949 accord that spelled out the parameters of Canada–U.S. cooperation in communications intelligence collection and processing within the overall UKUSA relationship.

In April 2017 I got CSE to release the text of the CANUSA agreement via our Access to Information and Privacy (ATIP) legislation. But our government refused to release a single word of the voluminous appendices that flesh out the details of the agreement.

Fortunately, not that long afterwards, in July 2017, Privacy International and Yale Law School’s Media Freedom & Information Access Clinic filed a lawsuit in the United States seeking detailed information about the full range of intelligence-sharing arrangements among the UKUSA partners.

And, what do you know, among the hundreds of pages of documents now released as a result of that suit (see the documents available here and here) is the CANUSA agreement—including a significant portion of its appendices.

It's buried among the documents in this State Department release, but for your convenience I have extracted just the CANUSA portion and made it available here as a searchable PDF.

Whereas CSE released not a comma of the CANUSA appendices in response to my request, the State Department released some 45 pages either fully or partially. I guess it helps to have some high-powered lawyers on side when requesting information from government.

Not everything was better in the U.S. release, however. CSE to its credit was willing to release the entire text of the agreement itself, while the U.S. chose to wholly redact paragraphs 7 and 9 of it.

Which means if you want to read the full text of the exchange of letters that comprised the agreement itself, you have to go back to CSE's version here.

Don't these people ever talk to each other?

It's also worth noting that the version of Appendix B that has now been released by the U.S. is considerably less complete than the version that was already available on the NSA's own website, which as I noted here has been online since 2015. Still, the newly released Appendix B is a substantially revised version dating from 1 July 1959, whereas the online version is from 27 March 1953, so there's value in having both.

Petit à petit l'oiseau fait son nid.

Update 31 March 2019: As it turns out, the 1 July 1959 version of UKUSA Appendix B was also released recently, in only slightly redacted form. Since the CANUSA Appendix B was intended to be identical in all significant respects to the UKUSA version so that the procedures spelled out in the two documents would also be identical, it is possible to use the UKUSA text to reconstruct most of the redacted parts of the CANUSA appendix.

Which is what I have now done here.

Wednesday, March 06, 2019

CSE budget authority rises to $708.1 million

The Supplementary Estimates (B) for FY 2018-19, tabled in Parliament at the end of January, show another significant proposed increase in CSE's spending authorities — to a new total of $708.1 million. The Main Estimates for FY 2018-19, tabled in April 2018, showed a budget of $624.9 million for the agency, later increased in the Supplementary Estimates (A) to $682.9 million.

The main cause of the latest increase was the transfer of $11.5 million in budget authority from the Department of Public Safety and Emergency Preparedness and Shared Services Canada "to establish the Canadian Centre for Cyber Security," presumably primarily to pay for the staff transferred to CSE from those departments when the Cyber Centre was created on October 1st last year. As a result of this transfer, CSE now has approximately 2500 employees.

Other than FY 2014-15, when a one-time $300-million payment for the agency's new headquarters bumped its budget up to just over $850 million, this marks the first time that CSE's budget authority has crossed the $700-million line.

Of course, it remains to be seen whether all that money actually will be spent by the end of the fiscal year.

Friday, March 01, 2019

The Electronic Polar Watch

This month marks a minor milestone for me: 30 years of writing about Canada's signals intelligence program. The first article I wrote on the subject, "Canada and Signals Intelligence: The Electronic Polar Watch," was published in March 1989 in the Ploughshares Monitor, the quarterly publication of Canadian peace organization Project Ploughshares.

I was on the Ploughshares staff at the time (I was there from 1986 to 2001), responsible for research and advocacy on Canadian defence policy matters, nuclear arms control, and other issues.

Given 30 years of hindsight and the benefit of the vastly greater amount of information now available about the agency, I wouldn't write the piece exactly the same way today. But I think it stands up pretty well.

Its heavy emphasis on nuclear weapons issues was partly a function of the times and of Project Ploughshares' particular concerns, but it also reflected the overwhelming focus of CSE's activities during this period. The agency had begun widening its targeting at the beginning of the 1980s, establishing embassy intercept sites in non-Cold War-related locations such as New Delhi and joining the ECHELON satellite monitoring program, but the Soviet Union remained, as it had been since the 1950s, by far its most important target.

The article was the first to reveal the agency's significant growth during the 1980s, citing figures that I'd found in the annual reports of what was then called the Public Service Staff Relations Board. CSE was unwilling to release any staff figures in those days, and I suspect the PSSRB numbers came as a bit of a shock.

It may not be coincidental that 1990 was the last year that the PSSRB published those numbers. Fortunately, by that time I had already stumbled across the monthly CSE numbers that Statistics Canada had begun publishing in its Federal Government Employment series in 1979.

Later in 1989 I wrote an article for This Magazine ("Spies Without Scrutiny," September 1989) updating the staff numbers, speculating about CSE's widening range of targets, and decrying the lack of any public review mechanism for the agency. (The Office of the CSE Commissioner wasn't created until 1996.)

Fun times.

Incidentally, it occurs to me that 2019 also marks 45 years since I first rode past the Sir Leonard Tilley Building on an OC Transpo bus and wondered what exactly the spies inside were up to. CBNRC, as it was still called in 1974, was only 28 years old back then.

Little did I know that I'd still be wondering about it 45 years later.

Tuesday, December 18, 2018

CSE decryption aid

The History page on CSE's website contains a photo of this intriguing device, described as a poly-alphabetic cipher decryption aid made by an analyst in 1974 using cardboard tubing and graph paper.

The page explains that the device was "created to add another facet to an encryption slide rule," although it leaves us guessing as to what exactly that means.

I don't have an answer to that question, but I do have some thoughts about the object's purpose.

1. The device was used to analyze teleprinter traffic.

Teleprinters are electromechanical or electronic devices for transmitting text by cable or radio. Prior to the Internet, teleprinters were the primary means used to transmit government and corporate communications, sometimes in encrypted form, often en clair. In North America, the best-known teleprinters were those produced by the Teletype Corporation, and as a result the name Teletype was often used to refer to all teleprinters.

Close examination of CSE's decryption aid shows characters specific to teleprinter operation, including C/R (carriage return), L/F (line feed), characters to switch the output between alphabetic characters and numbers or symbols, and a bell symbol that is used not to print, but to ring the signal bell on the teleprinter.

2. The target was not Soviet.

The Soviets were big users of teleprinters, and CSE, which focused primarily on Soviet targets during much of the Cold War, collected and processed a lot of Soviet teleprinter traffic. But Soviet traffic it will come as no surprise to anyone to discover was mostly in Russian, and it used the Cyrillic alphabet.

CSE's device utilizes the English alphabet and thus was almost certainly used for traffic in English or other languages with essentially the same alphabet.

3. The device was used to help the analyst add teleprinter characters to one another.

Teleprinter characters are transmitted as a series of impulses of two different frequencies (or, in cable systems, voltages of opposite polarity) called marks and spaces, using in this case five marks or spaces per character. The letters A and B, for example, are typically encoded as mark-mark-space-space-space and mark-space-space-mark-mark, respectively. You can also think of this coding in terms of binary numbers, where A = 11000 and B = 10011.

Additional characters are used to shift between letters and other meanings (numbers/symbols) for each five-element code. The graphic below shows one version of this system (source).

This coding translates the text into a form suitable for machine transmission, but it doesn't provide any security for the message. Any teleprinter machine can interpret it.

To encrypt the text, typically a separate stream of characters equal in length to the original text is added to it, one character at a time.

These key stream characters are added using the equivalent of non-carrying binary addition, which is to say if you add key character B (10011) to plaintext character A (11000) you get 01011, which is the coding for character G. In this example, the enciphered text character that is sent is G.

To get the plaintext message, the intended recipient, who also possesses the key stream, adds it to the enciphered text again. (In non-carrying binary, addition and subtraction are functionally the same thing.) In the example, B (10011) is added to G (01011), producing 11000, which is the original plaintext character A.

CSE's decryption device appears to have been designed to help the analyst add teleprinter characters in this way.

To use it, you slip the cylinder with the multiple alphabets into the cover with the slot, select the first character you wish to combine from the column on the far left of the cylinder, rotate it so the character appears in the slot, find the location of the second character to be combined on the cover (letters below the slot, symbols above), and read off the character inside the slot (i.e., on the cylinder) directly above or below that second character.

To add A and B, for example, you find the letter A in the left-hand column, look two places to the right (corresponding to the letter B on the cover—this would be easier if the device were assembled), and read off the letter in that position (G).

4. The device was probably used for depth reading.

If CSE somehow obtained the key stream for an encrypted teleprinter message, this device would certainly have helped a cryptanalyst asked to manually decrypt it. Except for very short messages, however, it would probably have been simpler to set up the key stream on one teleprinter tape and the enciphered text on another and run them through a Rockex or similar cipher machine, which would automate the decryption process.

The more likely use of this device, I suspect, was to assist the analyst in depth reading.

Sometimes more than one message is encrypted in whole or in part with the same key stream, usually as a result of error, incompetence, or equipment malfunction. When such messages are found, they are said to be in "depth".

In systems like this, if you combine two encrypted messages that are in depth, an interesting thing happens. Since each of the enciphered texts was already a combination of the key stream and a plaintext, when the two enciphered texts are combined the two identical key streams cancel out, and the resulting text is a combination of just the two plaintexts.

For a cryptologic agency, this is a sitting duck. A cryptanalyst can test words that are likely to be found in one of the plaintexts against the combined text to see if a coherent version of the other plaintext emerges. By working back and forth between the two, it is possible to recover both plaintexts, although often with some unrecoverable or ambiguous parts.

In the days before desktop computers, the CSE device would have been very handy for this process, enabling a cryptanalyst to quickly check guessed characters for one plaintext against the combined text to determine the characters that would appear in the other plaintext if the guess were correct.

5. It may have been used on traffic collected at CSE's experimental collection operation in Montreal.

Canadian intercept stations focused overwhelmingly on Soviet targets at this time, but it is possible that some non-Soviet maritime traffic was being collected in the course of monitoring fishing fleets or other shipping off the coasts. Some of that traffic may have been encrypted and potentially been vulnerable to this cryptanalytic approach, although it's not obvious it would have been worth an analyst's time to recover it.

Another, perhaps more likely, possibility is diplomatic traffic to and from embassies in Ottawa. While many countries would certainly have known better than to permit key reuse, it's likely that some had lower standards of security, and accidents and errors do happen.

A third possibility is the traffic was collected at CSE's experimental collection operation at the Canadian Overseas Telecommunication Corporation (COTC) gateway in Montreal. I wrote about that little-known adventure here.

According to CSE, the device was made in 1974, which fits reasonably well with the COTC operation. Monitoring of teleprinter cable traffic was begun at the site on an experimental basis, to assess the value of the traffic that might be collected there, in or around 1971. The test was evidently a success, as CSE later sought funding to put the program into full operation. In mid-1974, however, the entry into force of the Protection of Privacy Act seems to have put the kibosh on the project.

Earlier in 1974, however, there may well have been an analyst working on ways to exploit this new source of traffic who decided it would be handy to have a quicker way to recover the texts of messages in depth.

At least, it seems possible to me.