OTTAWA— Canada’s minister of public safety has suggested that the U.S. defence secretary’s warning of a “cyber Pearl Harbor” attack on key commercial infrastructure may be an exaggeration.
Public Safety Minister Vic Toews was asked at a news conference about cyber security whether he believes Canada also faces a potential attack on its public and private networks — on the scale described by U.S. Defence Secretary Leon Panetta.
Toews replied: “I don’t know whether he has overstated it, but certainly there is a risk to cyber security” that every developed nation has to guard against.
Panetta, the top U.S. defence official in the Obama administration, last week warned the U.S. may be vulnerable to a devastating attack on its business, financial and transport computer systems, and called for passage of legislation to bolster the nation’s cyber-protections.
David Skillicorn, a professor at Queen’s University’s school of computing, said the alarm sounded by Leon Panetta is “by no means overblown.”
The Americans understand the threat, Skillicorn said, because the U.S. government has developed its own means of conducting cyber attacks, and recognizes what digital weaponry can be turned back on its systems.
“It seems the Americans have a sort of Swiss Army system with five or six blades that do various things and we don’t know what all of them are. We have to assume that the Brits and the Russians and the Chinese are at least doing it as well. Nation states have huge capacity in this area,” he said, adding there is an emerging threat from professional hackers “for hire” to the highest bidder.
Panetta’s comments, made last week, followed a damning congressional investigation into telecommunications giants Huawei and ZTE that suggested they could be used to conduct Chinese spying operations. He didn’t name China or those companies specifically.
Toews declined Wednesday to say whether he regards China or Huawei — which has a Canadian-based operation and has sold equipment to major Canadian telecom companies like Bell Canada, Telus, SaskTel and Wind Mobile — as a threat to Canada’s cyber security.
He also would not discuss whether Huawei should be barred from bidding on building a new federal government network that will consolidate all government telecommunications, desktop computer services, data centres, IT security services and Internet access points under the umbrella of Shared Services Canada.
Toews said it would not serve any purpose to name specific countries or companies, and that there is an appropriate time to do so. “Decisions have to be made.”
Last week, a spokesman for Prime Minister Stephen Harper suggested a national security exemption in the Investment Canada Act could be invoked to prevent Huawei from bidding on the new federal network.
Asked if he believes the investment act’s national security provisions are strong enough, Toews said Canada has a “very robust system, but we’d be living in a fool’s world if we thought we can establish any type of legislative framework or a technological framework and have that last indefinitely.”
“This is a constant struggle because of the nature of technology and how quickly it is evolving, and so we are certainly looking at all possibilities when we look to further buttress our secure mechanisms.”
Skillicorn said Canada has adopted a passive approach to cyber security that deals with incidents after the fact. He suggested that the Communications Security Establishment, Canada’s ultrasecret signals intelligence agency, should take the lead on cyber security.
“The missing piece in the Canadian framework is some unit that is thinking about the longer term, more strategic, more proactive part of the story. The capacity we have in the Canadian government is scattered across different parts of the government and so has no leverage to tell Mr. Toews how serious these issues are.”
Toews announced Wednesday the Conservative government will inject another $155 million over five years to boost the Canadian Cyber Incident Response Centre, a federal centre that helps co-ordinate, prevent or respond to attacks on non-government systems.
Toews said it is important for Ottawa to work with allies and the private sector to ensure Canada’s government, business and private networks are secure.
But Toews insisted Canada would make its own judgment on any international telecommunications companies seeking to do business here.
“The Americans make their own decisions; we make our decisions,” he said. “We certainly look at what the Americans are doing and consider that, but we will make decisions in the best interests of Canada.”
NDP leader Thomas Mulcair said the Conservatives “are starting to show more and more that they’ve been improvising on a lot of these foreign investment files. We simply don’t know what criteria they are going to be basing themselves on.”
Mulcair said the government has expressed serious national security concerns before but “there is no objective information.”
“That’s not good for Canadians and it’s not good for foreign investors. They’ve been promising for a long time to start making the rules clearer and they haven’t done so thus far. I think Minister Toews has really been part of the problem on this.”
“I think we’ve got to be putting our cards on the table and saying if those national security concerns exist, we’ve got to define them and start explaining what the rules are for people and that’s fair for everyone.”
Original Article
Source: the star
Author: Tonda MacCharles
Public Safety Minister Vic Toews was asked at a news conference about cyber security whether he believes Canada also faces a potential attack on its public and private networks — on the scale described by U.S. Defence Secretary Leon Panetta.
Toews replied: “I don’t know whether he has overstated it, but certainly there is a risk to cyber security” that every developed nation has to guard against.
Panetta, the top U.S. defence official in the Obama administration, last week warned the U.S. may be vulnerable to a devastating attack on its business, financial and transport computer systems, and called for passage of legislation to bolster the nation’s cyber-protections.
David Skillicorn, a professor at Queen’s University’s school of computing, said the alarm sounded by Leon Panetta is “by no means overblown.”
The Americans understand the threat, Skillicorn said, because the U.S. government has developed its own means of conducting cyber attacks, and recognizes what digital weaponry can be turned back on its systems.
“It seems the Americans have a sort of Swiss Army system with five or six blades that do various things and we don’t know what all of them are. We have to assume that the Brits and the Russians and the Chinese are at least doing it as well. Nation states have huge capacity in this area,” he said, adding there is an emerging threat from professional hackers “for hire” to the highest bidder.
Panetta’s comments, made last week, followed a damning congressional investigation into telecommunications giants Huawei and ZTE that suggested they could be used to conduct Chinese spying operations. He didn’t name China or those companies specifically.
Toews declined Wednesday to say whether he regards China or Huawei — which has a Canadian-based operation and has sold equipment to major Canadian telecom companies like Bell Canada, Telus, SaskTel and Wind Mobile — as a threat to Canada’s cyber security.
He also would not discuss whether Huawei should be barred from bidding on building a new federal government network that will consolidate all government telecommunications, desktop computer services, data centres, IT security services and Internet access points under the umbrella of Shared Services Canada.
Toews said it would not serve any purpose to name specific countries or companies, and that there is an appropriate time to do so. “Decisions have to be made.”
Last week, a spokesman for Prime Minister Stephen Harper suggested a national security exemption in the Investment Canada Act could be invoked to prevent Huawei from bidding on the new federal network.
Asked if he believes the investment act’s national security provisions are strong enough, Toews said Canada has a “very robust system, but we’d be living in a fool’s world if we thought we can establish any type of legislative framework or a technological framework and have that last indefinitely.”
“This is a constant struggle because of the nature of technology and how quickly it is evolving, and so we are certainly looking at all possibilities when we look to further buttress our secure mechanisms.”
Skillicorn said Canada has adopted a passive approach to cyber security that deals with incidents after the fact. He suggested that the Communications Security Establishment, Canada’s ultrasecret signals intelligence agency, should take the lead on cyber security.
“The missing piece in the Canadian framework is some unit that is thinking about the longer term, more strategic, more proactive part of the story. The capacity we have in the Canadian government is scattered across different parts of the government and so has no leverage to tell Mr. Toews how serious these issues are.”
Toews announced Wednesday the Conservative government will inject another $155 million over five years to boost the Canadian Cyber Incident Response Centre, a federal centre that helps co-ordinate, prevent or respond to attacks on non-government systems.
Toews said it is important for Ottawa to work with allies and the private sector to ensure Canada’s government, business and private networks are secure.
But Toews insisted Canada would make its own judgment on any international telecommunications companies seeking to do business here.
“The Americans make their own decisions; we make our decisions,” he said. “We certainly look at what the Americans are doing and consider that, but we will make decisions in the best interests of Canada.”
NDP leader Thomas Mulcair said the Conservatives “are starting to show more and more that they’ve been improvising on a lot of these foreign investment files. We simply don’t know what criteria they are going to be basing themselves on.”
Mulcair said the government has expressed serious national security concerns before but “there is no objective information.”
“That’s not good for Canadians and it’s not good for foreign investors. They’ve been promising for a long time to start making the rules clearer and they haven’t done so thus far. I think Minister Toews has really been part of the problem on this.”
“I think we’ve got to be putting our cards on the table and saying if those national security concerns exist, we’ve got to define them and start explaining what the rules are for people and that’s fair for everyone.”
Original Article
Source: the star
Author: Tonda MacCharles
No comments:
Post a Comment