Go to the Globe and Mail homepage

Jump to main navigationJump to main content

Ronald J. Deibert, Nart Villeneuve and Greg Walton discovered the spying operation they dubbed GhostNet. They are seen at the Munk Centre on March 29 2009. (JENNIFER ROBERTS/JENNIFER ROBERTS FOR THE GLOBE AND MAIL)
Ronald J. Deibert, Nart Villeneuve and Greg Walton discovered the spying operation they dubbed GhostNet. They are seen at the Munk Centre on March 29 2009. (JENNIFER ROBERTS/JENNIFER ROBERTS FOR THE GLOBE AND MAIL)

The Internet needs peacekeepers. Is Canada ready? Add to ...

But as countries such as the United States have built entire agencies to begin deal with the new realities of digital security, Canada has remained largely silent -- unwilling to take any sort of position of leadership on the subject, and so far unable to even develop a comprehensive cybersecurity policy.

The rise of digital warfare and cybercrime creates several uncomfortable questions, the answers to which have the potential to reshape how every Canadian experiences the Web. So far, the Internet has succeeded because of its openness, its ability to transcend national borders and, to some degree, because of our ability to use it anonymously. But are those days numbered? Are we destined instead for a Chinese Internet, a Russian Internet, an American Internet -- with each country playing by vastly different rules? What role should Canada play in attempting to save the Web as we know it?

EARLIER THIS YEAR, one of the biggest law firms in Canada came under attack. Staff members began receiving e-mails that appeared to be from one of the firm's partners, who was working on a major international M&A deal. The e-mail's author cited confidential details of the deal, and instructed recipients to open an attached file.

The file turned out to be a form of malware, giving the e-mail's real author access to the infected computers. When the law firm began investigating the incident, 20 computers were believed infected. The investigation eventually turned up 500 infected machines.

The law firm contacted a Toronto-based company called Digital Wyzdom, which specializes in investigating such attacks. Daniel Tobok, Digital Wyzdom's President, says his firm soon traced the attacks to an alarming source -- the malicious e-mails originated from government servers in Asia. Indeed, the servers belonged to the government of the nation where the deal was taking place -- and that government opposed the deal. (Mr. Tobok would not identify his client or the nature of the deal).

Two years ago, Mr. Tobok says such cases -- in which a foreign government played a part, or appeared to play a part, in a cyber attack -- made up about 1 to 5 per cent of Digital Wyzdom's business. Today, it makes up 10 to 15 per cent of cases.

"Governments are starting to realize that this is a vehicle for making things happen," Mr. Tobok says of such government-assisted cyber attacks.

"Honestly, unless criminal charges are pressed or our government gets involved through political channels, there's not much that can be done about it."

Malicious Web traffic is nothing new. What has been changing is the extent to which nations -- rather than just individual criminals or groups -- are utilizing what some analysts describe as the "dark web." The United States, for example, alleges that the Chinese military is behind a series of attempts to steal classified information from U.S. government computers dating back to 2003.

Perhaps the most famous example in recent years was the cyber attack on Estonia in April, 2007, which is alleged to have originated from Russia. The two nations were in the middle of a political dispute at the time, which appears to have spilled over into full-fledged cyber warfare. The attacks on Estonia infrastructure ranged from individual attackers employing fairly basic techniques, to massive networks of infected computers, similar to those infected by the Koobface malware, that were essentially rented out and temporarily repurposed as offensive weapons in a cyber war. The attacks appeared aimed at shutting down much of Estonia's critical infrastructure, from telecommunications networks to banks to broadcasters.

The Estonian incident was perhaps the highest-profile illustration not only of the disruptive geopolitical power of the Internet, but the growing overlap between the interests of petty cyber-criminals, organized crime and foreign governments.

"The next world war will likely happen in cyber space," says Hamadoun Touré, secretary general of the United Nations' International Telecommunications Union. "And we all know that the best way to win a war, any war, is to avoid it in the first place."

Report Typo/Error
Single page

Next story




Most popular videos »

More from The Globe and Mail

Most popular