Wesley Wark teaches courses at the University of Ottawa’s Centre on Public Management and Policy. He is an expert on national security and intelligence in Canada.
The arrest of Cameron Ortis, a senior official with the RCMP, for alleged breaches of Canada’s secrecy laws, has fuelled all kinds of speculation about the damage he might have caused to national security. The question has been framed in spy-speak ways around what secrets this “mole” might have revealed, and to whom?
The RCMP has not been caught up in an internal security scandal for decades, not since some rogue Mounties trafficked with the KGB in the depths of the Cold War. The rarity of such a scandal, and lack of any contemporary experience, only deepens the question of what harm might have been caused. We know, at this stage, only the bare facts of the charges against Mr. Ortis and of his role at the RCMP. The Mounties have confirmed Mr. Ortis’s age (47), rank (Director General), length of time with the RCMP (12 years), position (Head of the RCMP’s National Intelligence Coordination Centre) and security clearance (top secret). Add all that up and you get a potential security nightmare – access galore to government secrets on the part of a senior and experienced government operative.
RCMP Commissioner Brenda Lucki, putting on her game face to meet the media last week, said the Ortis damage assessment is “fluid” and “dynamic.” That is not surprising; it is also not good. But consternation will soon move past the question of leaked secrets to something bigger still.
Apart from whatever secrets Mr. Ortis may have leaked, real damage has been done to a core and still nascent RCMP national security mission – the fight against cybercrime. Mr. Ortis was positioned as a key player in that effort.
The RCMP has been devoting years of work to developing expertise to combat cybercrime and to play an important role in a pan-government effort to strengthen cybersecurity practices.
The RCMP’s cybercrime effort goes back to the creation of a Cyber Crime Fusion Centre in 2011, established (with minimal resources) to boost intelligence reporting on cybercrime activities for law enforcement agencies in Canada and to make a contribution to an allied push centred in the “Five Eyes” intelligence alliance (Canada, United States, Britain, Australia and New Zealand).
The cybercrime centre was moved into Mr. Ortis’s National Intelligence Coordination Centre in 2014. The effort then began to attract greater resources and attention under Mr. Ortis’s watch. Cybercrime was an area where Mr. Ortis had expertise, going back to his writing of a PhD dissertation at the University of British Columbia in 2006, just prior to being hired to join the Mounties.
In that same year, the RCMP also published its first public report on trends in cybercrime. Its findings were alarming. Incidents of cybercrime were on the rise, that cyber capacities were expanding and changing the nature of criminal enterprises, and that any response to cybercrime required new technological skills and broad-based co-operation, both domestically and internationally.
The RCMP report highlighted two kinds of cybercrime threats, one of which attacked computer systems and data (which the Mounties labelled as “technology as target” cybercrime), the other which utilized advanced internet and information technologies to aid and abet crimes (“technology as instrument” cybercrime). The RCMP reported that most of the cybercrimes it was seeing fell into the “technology as instrument” basket. The report also identified “insider” threats posed by individuals working covertly within an organization who disrupt its activities.
If the allegations against Mr. Ortis hold up in court, the 2014 report, and a follow-up Cyber Crime Strategy issued by the Mounties in 2015, will be seen, in hindsight, as something inspired by his unit within the RCMP, that actually pointed a finger right at the threat he posed as an insider linked to the exploitation of technology for criminal purposes.
The RCMP planned a long game in ramping up its cybercrime intelligence activities. Mr. Ortis appears to have been a key player in that effort. Now years of work, including capacity building, organizational change, partnership arrangements, both domestically and internationally, all meant to lead to a better knowledge of the fast changing world of cybercrime and better ability to prosecute cybercriminals, will be disrupted and delayed.
Canadians will pay the price for all the turmoil that the Ortis case will create for the Mounties and for government action on cybersecurity. That price could be unpreparedness for the next wave of ransomware attacks, laggardly ability to detect a child pornography network or a human trafficking ring using sophisticated cyber techniques to hide its tracks, an undetected darknet exploiter such as Vincent Ramos, the Canadian businessman with a line in customized, secure cellphones for global drug traffickers, whom Mr. Ortis is alleged to have had ties, or an ally disappointed in our lack of collaborative capabilities in what is a global fight. It is a very big price to pay for the work of a lone disrupter.
Keep your Opinions sharp and informed. Get the Opinion newsletter. Sign up today.