Friday, April 19, 2019

Another "secret" revealed

In February 2007, CSE Chief John Adams revealed that "in the time between the end of the cold war and 2001, CSE’s reporting concentrated mostly on prosperity issues."

But the agency did not entirely abandon its Cold War-era targets, as this slide from an NSA presentation on its Second Party partners confirms.

The presentation can be found in this document (pages 85-94), part of a set of documents recently released by the U.S. government to Privacy International and Yale Law School’s Media Freedom & Information Access Clinic. Although undated, the presentation appears to come from around 1993, give or take a year or so.

As can be seen, the first item listed under "Targets" on the slide — CIS — is unredacted. CIS, of course, is the Commonwealth of Independent States, the loose association of former Soviet republics that arose out of the ashes of the Soviet Union.

There's nothing at all surprising about the fact that CSE was monitoring targets within the CIS in the 1990s. The Soviet Union was CSE's primary target during the Cold War, and the expertise and language skills of its staff remained dominated by that legacy for many years afterwards.

And there was a lot that was worth watching in the CIS area in the immediate post-Soviet years, not the least being the fate of the former Soviet nuclear arsenal, which ended up scattered among four independent states in the wake of the break up. There's still a lot worth watching.

What is a bit surprising, however, is that the CIS's identity as a CSE target was left unredacted in this release. Of the four agencies described in the presentation (GCHQ, DSD, GCSB, and CSE), this is the only unredacted item on any of the target lists.

— Which if nothing else reinforces the absurdity of redacting the even more obvious fact that Canada monitors the communications of Russian military aircraft that approach North American airspace.

Wednesday, April 10, 2019

Psst. It's the Russians!

The photo above shows the Deputy Commander of NORAD presenting a commemorative plaque to CFS Leitrim thanking our SIGINT folks for their "outstanding operational support critical to the NORAD mission and unwavering dedication to perimeter security". Featured on the plaque is a photo of a Russian Tupolev BEAR under escort by NORAD fighters.

Considering that such intercepts have been freely publicized by Canada and the U.S. for the last 60 years or so, I suspect the fact that Russian aircraft are normally the ones involved will not come as a huge surprise to the Canadian public or indeed anyone else — and especially not to the Russians, who after all are typically the guest of honour on these occasions.

I'm just going to leave this here for the benefit of whatever blinkered securocrat decided that the nationality of these aircraft is some kind of national secret that needed to be redacted from the report of the National Security and Intelligence Committee of Parliamentarians (NSICOP) released yesterday:

Despite the occasional incomprehensible redaction (and a substantial number of other, sometimes understandable, ones), there's a lot of interesting material in the 140-page NSICOP report, which is the first annual report that the new committee has produced.

It's unfortunate therefore that the PDF provided by the government isn't electronically searchable. Compiling the document from scanned images was probably a security measure designed to guarantee that no redacted information can be recovered from the final document. That's sensible enough.

But it is possible to OCR the document afterwards to make it user-friendly as well as secure. It's not that hard.

As a public service, I hereby offer for free download what apparently no one in government thinks is possible, or at least worth doing: a searchable version of the report.

Update 13 April 2019:

For a valuable commentary on the NSICOP report itself, see Stephanie Carvin, "A much-needed review of Canada’s security and intelligence operations arrives," Open Canada, 12 April 2019.

Monday, April 08, 2019

Cyber Threats to Canada's Democratic Process report updated

CSE released the 2019 update to its report on Cyber Threats to Canada's Democratic Process today. (See post on the original 2017 report here.)

As with the 2017 document, the report discusses the kinds of cyber threats Canadian democracy is likely to face but does not name specific actors, other than to cite a few publicly known cases as examples. It looks at three ways in which cyber activities might be used to affect the electoral process: impeding or corrupting the election process itself; stealing and exploiting information about politicians and political parties; and working covertly to influence voters' opinions and behaviours. (The last category is a slightly retooled version of the 2017 category, which focused on "the media".)

The report also provides some new and very interesting data on the ways these kinds of threats to democratic processes have been changing around the world over recent years.

According to CSE,
The proportion of national elections targeted by foreign cyber threat activity has more than doubled since 2015. When looking at economically advanced democracies similar to Canada, such as members of the Organization for Economic Cooperation and Development (OECD), Figure 5 below shows that the proportion of elections targeted by cyber threat activity has more than tripled. In fact, half of all OECD countries holding national elections in 2018 had their democratic process targeted by cyber threat activity.
The agency also reports that
voters now represent the single largest target of cyber threat activity against democratic processes, accounting for more than half of global activity in 2018. This shift seems to have started in 2016, which is likely due in part to the perceived success among cyber threat actors of Russia’s cyber interference activity against the 2016 United States presidential election.
Both sets of trend data were compiled by CSE using both open source and classified information. I'm not aware of anything comparable published by anyone else (not that I necessarily would be), so the report might be useful for other countries looking to assess trends in this area as well.

It would be interesting to know more about the quantity and quality of the data used and other methodological issues.


The main conclusions presented in the report are that 1) some degree of foreign cyber interference is very likely to be present in the 2019 election and 2) the primary focus of such activities is very likely to be influencing voter ideas and decisions:
We judge it very likely that Canadian voters will encounter some form of foreign cyber interference related to the 2019 federal election. However, at this time, it is improbable that this foreign cyber interference will be of the scale of Russian activity against the 2016 United States presidential election.

We judge it very likely that foreign cyber interference against Canada would resemble activity undertaken against other advanced democracies in recent years. Foreign adversaries have attempted to sway the ideas and decisions of voters by focusing on polarizing social and political issues, promoting the popularity of one party over another, or trying to shape the public statements and policy choices of a candidate.
This is valuable to know, even if it's probably not going to surprise anyone who has been paying attention to these issues.

The key question is, how many people actually are paying attention?

The only really effective defence we are likely to be able to build against the folly and nonsense — whether foreign or domestic in origin — that so frequently flashes across our phones and computer screens these days is a public that has mustered the wit and the will to apply the critical thinking skills needed to separate signal from noise.

This report may help a little in that regard, but it is not (nor was it designed to be) a plan to help create that more enlightened and capable citizenry.

We're still waiting for that plan, but in the meantime it would help if we had a political class that consistently called out and denounced hateful nonsense rather than retweeting, pandering, or dogwhistling to it.

News coverage:

Jim Bronskill, "Canada can expect election meddling, but not on scale seen in U.S.," Canadian Press, 8 April 2019.

Rachel Aiello, "Foreign interference in 2019 election 'very likely': report," CTV News, 8 April 2019.

Alex Boutilier, Marco Chown, Craig Silverman & Jane Lytvynenko, "Canadian political parties already targeted by foreign hacking, electronic spy agency says," Toronto Star, 8 April 2019.

Janice Dickson, "Foreign interference ‘very likely’ in Canada’s 2019 election, federal security agency warns," Globe and Mail, 8 April 2019.

Catherine Tunny, "Canadians, politicians targeted by foreign interference, electronic spy agency says," CBC News, 8 April 2019.

Amanda Connolly, "Canada likely to face foreign meddling in election but unlikely on scale of 2016 Russian interference: report," Global News, 8 April 2019.

Ian Austen, "Canada, Rebuking Tech Giants, Braces for Possible Election Interference," New York Times, 8 April 2019.

You can also watch the press conference with Democratic Institutions Minister Karina Gould, Defence Minister Harjit Sajjan, and CSE Chief Shelly Bruce that accompanied the release of the report here.