Skip to main content
Canada’s most-awarded newsroom for a reason
Enjoy unlimited digital access
$1.99
per week
for 24 weeks
Canada’s most-awarded newsroom for a reason
$1.99
per week
for 24 weeks
// //

Communications Security Establishment Canada (CSEC) chief John Forster holds a document marked top secret while waiting to testify before the Senate national security and defence committee in Ottawa February 3, 2014. Communications Security Establishment Canada chief John Forster says the revelation this week that a Chinese state-sponsored player infiltrated the National Research Council’s computer network shows Canada is not immune from such aggression

© Chris Wattie / Reuters/Reuters

Malicious hackers are "constantly probing" federal computer systems so they can break in and steal coveted information, says the head of Canada's electronic spy agency.

Communications Security Establishment Canada chief John Forster says the revelation this week that a Chinese state-sponsored player infiltrated the National Research Council's computer network shows Canada is not immune from such aggression.

China has vehemently denied involvement in the cyberattack, accusing Canada of making baseless accusations.

Story continues below advertisement

But Forster used the attack on the research council — whose specialists study everything from aerospace technology to crop science — to defend CSEC's role in protecting federal computers.

"These malicious actors are constantly probing Government of Canada systems and networks for weaknesses so that they infiltrate them and steal valuable information," Forster wrote in a letter to the editor of the Toronto-based Globe and Mail newspaper.

"When we detect emails or other communications that contain malware or other threats, we block, collect and analyze them. And, we work with appropriate departments to take action to neutralize the threat."

The spy service takes strict measures to protect the privacy of Canadians in doing such work, Forster insisted.

CSEC employs mathematicians, codebreakers, linguists and software experts with the aim of both collecting foreign secrets and shielding Canada's confidences from prying eyes.

Leaked revelations from Edward Snowden, a former U.S. intelligence contractor, have raised questions about CSEC's surveillance activities, which include monitoring foreign email and telephone communications for information of intelligence interest to Canada.

The intrusion at the National Research Council, and the government's public declaration of CSEC's role in detecting it, underscore the agency's defensive work in cyberspace.

Story continues below advertisement

CSEC says it cannot monitor global communications in the modern era of Internet-based traffic without sweeping up at least some Canadian information.

As a result, the defence minister specially authorizes CSEC's cyberdefence efforts. Otherwise, these activities would risk violating the Criminal Code provision against intercepting private Canadian communications.

The agency doesn't keep personal information about Canadians if the material is considered irrelevant to protecting networks, Forster said in the letter to the Globe.

However, the spy agency has acknowledged that it maintains an information bank containing the personal information of "potentially any individual" who communicates electronically with a key federal computer network while CSEC is assessing its vulnerability.

For instance, the personal information of a Canadian might be kept if a foreign cyberattacker engages in phishing — an attempt to compromise a government department's system by sending a carefully crafted email that appears to originate from a known or trusted sender, the spy agency says.

Details of the cyberattack on the research council are unclear, though the federal privacy commissioner's office says it involved personal data.

Story continues below advertisement

CSEC's general information-security advice to federal departments suggests the attack could have flowed from something as mundane as ordinary use of social media like Facebook or Twitter.

In one security bulletin, the spy service warns agencies that rogue parties frequently embed malware in social media websites or related applications.

Sometimes threats involve an attacker taking control of an official account, which may lead to the disclosure of sensitive information "resulting in the compromise of the security of departmental networks," CSEC says.

Some of the documents Snowden leaked last year to journalists indicated that Canada helped the U.S. and Britain spy on participants at the London G20 summit in 2009. Other material suggested CSEC once monitored Brazil's department of mines and energy, or at least mapped out in a detailed presentation how it could do so.

It means Canada has a "little bit of a problem" pointing a finger at China if Canada is also spying on other governments, said NDP defence critic Jack Harris.

"We've got to start setting some examples, too."

Report an error
Due to technical reasons, we have temporarily removed commenting from our articles. We hope to have this fixed soon. Thank you for your patience. If you are looking to give feedback on our new site, please send it along to feedback@globeandmail.com. If you want to write a letter to the editor, please forward to letters@globeandmail.com.

Welcome to The Globe and Mail’s comment community. This is a space where subscribers can engage with each other and Globe staff. Non-subscribers can read and sort comments but will not be able to engage with them in any way. Click here to subscribe.

If you would like to write a letter to the editor, please forward it to letters@globeandmail.com. Readers can also interact with The Globe on Facebook and Twitter .

Welcome to The Globe and Mail’s comment community. This is a space where subscribers can engage with each other and Globe staff. Non-subscribers can read and sort comments but will not be able to engage with them in any way. Click here to subscribe.

If you would like to write a letter to the editor, please forward it to letters@globeandmail.com. Readers can also interact with The Globe on Facebook and Twitter .

Welcome to The Globe and Mail’s comment community. This is a space where subscribers can engage with each other and Globe staff.

We aim to create a safe and valuable space for discussion and debate. That means:

  • Treat others as you wish to be treated
  • Criticize ideas, not people
  • Stay on topic
  • Avoid the use of toxic and offensive language
  • Flag bad behaviour

If you do not see your comment posted immediately, it is being reviewed by the moderation team and may appear shortly, generally within an hour.

We aim to have all comments reviewed in a timely manner.

Comments that violate our community guidelines will not be posted.

UPDATED: Read our community guidelines here

Discussion loading ...

To view this site properly, enable cookies in your browser. Read our privacy policy to learn more.
How to enable cookies