(Ottawa) The House of Commons National Defense Committee is urging the Liberal government to impose sanctions on individuals and organizations that target Canadians with misinformation.
In a new report calling for stronger cybersecurity, the committee warns of increasingly sophisticated disinformation and foreign influence campaigns by China, Russia and other aggressors.
Canada has developed national strategies, launched and funded cybersecurity initiatives, passed legislation and fostered closer international cooperation in cyberspace, the report acknowledges.
Overall, however, the committee says more could be done to bolster Canada’s cybersecurity and computer warfare efforts, and to improve resilience to internal and foreign threats.
During committee hearings, witnesses emphasized that Canada should encourage the development of international standards and frameworks to address these threats. The committee recommends using existing sanctions regimes against individuals and entities that attempt to manipulate Canadians with misleading or false information.
MEPs also say Canada should impose effective sanctions on countries that condone or use cybercriminals to steal money or intellectual property, or wage information warfare.
Russia’s use of offensive cyberweapons in its ongoing war against Ukraine has demonstrated how cyber warfare and the militarization of cyberspace have become realities of modern conflict, according to the report, presented to the House of Commons just before summer vacation.
“Also noteworthy are the increasingly sophisticated disinformation and foreign influence campaigns waged by China, Russia and other aggressive authoritarian states against democratic countries, including Canada, in recent years. These types of activities highlight the critical importance of ensuring the existence of cybersecurity and combating cyber warfare. »
Government and non-government actors have used offensive cyber programs to target Canada, including its financial sector, critical infrastructure and democratic institutions, the report said.
New powers at CSIS questioned
Sami Khoury, head of the Canadian Center for Cyber Security, told MPs that cybercrime remains the biggest digital threat to Canadians, despite state-sponsored programs posing the biggest strategic cyber threat to Canada.
Witnesses also cited the increasing frequency of ransomware and other types of malware attacks, the MPs note in their report.
The report calls on the government to:
- establish an ongoing forum for collaboration and engagement on cybersecurity issues where industry and officials meet to exchange information and best practices;
- invest in the cybersecurity of its own network infrastructure and undertake a comprehensive assessment of what is needed to strengthen government systems and the third-party network infrastructure on which its data is stored;
- accelerate the renewal of Canada’s National Cyber Security Strategy and establish an ongoing review that can better keep pace with the changing nature of cyber threats;
- appoint a cybersecurity ambassador; And
- examine the Canadian Security Intelligence Service Act to ensure that CSIS has the legislative tools it needs to keep pace with technological advancements, modern digital realities and ever-evolving cybersecurity threats.
Nowhere in the report is there any mention of why the recommendation of the Canadian Security Intelligence Service (CSIS) is necessary or even a concern, noted Tim McSorley, national coordinator of the Coalition for international civil liberties watchdog.
“Once again we are seeing national security drift: recommendations that national security agencies be granted new powers despite the lack of public evidence that they are needed,” he said. .
There is a “serious transparency deficit” in how Canada approaches cybersecurity, he added. “This kind of recommendation will do nothing to solve this. »
McSorley, who testified before the committee, said it was concerning that human rights issues did not figure more prominently in the resulting report.
“What is even more striking is that there is not a single recommendation to ensure that the protection of rights is explicitly considered in the government’s response to cyber threats, whether in relation to Charter rights or Canada’s international human rights and civil liberty obligations. »