Back to news

September 9, 2019 | Local, C4ISR

Norad asked Canada to 'identify and mitigate' cyber threats to critical civilian sites

by Murray Brewster

The U.S.-led North American Aerospace Defence Command (Norad) asked the Canadian military to do an inventory of its bases and the surrounding civilian infrastructure, looking for critical systems vulnerable to a cyberattack.

The letter to Canada's chief of the defence staff, written by then-Norad commander U.S. Admiral William Gourtney just over three years ago, was obtained by CBC News under access to information legislation.

Despite the passage of time, two leading cyber experts said the request highlights an enduring concern of both defence planners and people in high-tech industries.

The notion that a cyberattack could shut down civilian infrastructure — such as power grids, water treatment plants or traffic systems — in the vicinity of a military base is nothing new.

What is unusual is that Norad sought reassurance, at the highest levels of the military, that Canada was on top of the evolving threat.

The Norad commander asked Gen. Jonathan Vance to "identify and mitigate" Infrastructure Control Systems (ICS) vulnerabilities on Canadian military bases, particularly at "installations that are critical for accomplishing Norad missions."

The March 24, 2016 letter also urged Canada's top military commander to "advocate developing capabilities to respond to cyber incidents on CAF [infrastructure control systems] and defend CAF [infrastructure control systems] if required."

Gourtney's concern was not limited to defence installations; he asked Vance to "work with Public Safety Canada to identify civilian infrastructure that is critical to CAF and Norad missions. This includes developing processes for reporting cyber incidents on the identified civilian infrastructure."

Vance responded to Gourtney (who has since retired and was replaced by U.S. Air Force Gen. Terrence O'Shaughnessy) three months later and directed the military to hunt for vulnerabilities.

"I share Norad's concerns for the cybersecurity" of critical defence infrastructure, Vance wrote on June 10, 2016, in a letter obtained by CBC News under access to information legislation.

He noted that the Canadian government has identified "adversaries" that pose "a significant threat and efforts have been made to identify and develop protective strategies for Canadian critical infrastructure."

The Liberal government — through its defence strategy and overhaul of security legislation — tackled some of the concerns raised by Norad.

It gave the Communications Security Establishment (CSE) and the military new powers to conduct offensive cyber operations. Perhaps more importantly, it set up the Canadian Centre for Cyber Security for civilian infrastructure, which — according to CSE — aims to "be a place where private and public sectors work side-by-side to solve Canada's most complex cyber issues."

David Masson, a cyber expert, said minimizing the vulnerability of civilian, privately operated infrastructure continues to be an extraordinarily complex task.

The major vulnerability is in what's known as operational technology systems, the kind of computer-driven tasks in utilities and other infrastructure that open and close valves or perform remote functions.

The task of securing them is made extraordinary difficult in part by the wide variety of operating systems out there.

"There's lots of them," said Masson, the director of technology at Darktrace, a leading cybersecurity company. "Look at it as 50, 60, 70 different bespoke communications systems. There's no real standardization because they're so old. Many of them were never expected to be connected to the internet."

He pointed to the 2015 and 2016 cyberattacks on Ukraine's power grid, which in one instance cut electricity to 225,000 people, as examples of what's possible when hackers go after operational technology systems.

It is also the kind of event that Norad is concerned about.

"The kinds of equipment and machinery that supports the transport of natural gas or the provision of air conditioned services, or our water supply — all of those are critical to Canadians and our militaries," Lt.-Gen.Christopher Coates, the Canadian deputy commander, said in a recent interview with CBC News.

He said Norad is focused on the capabilities that are essential to doing its job of defending North America against attack, and they try to "minimize those vulnerabilities where we can."

There is, Coates said, an interesting discussion taking place at many levels of the military about what constitutes critical infrastructure.

"You asked if we're satisfied. I get paid to be concerned about the defences and security of our nations. I don't think I should ever be satisfied," he added.

'Inauthentic activity' in Alberta election a possible preview of tactics in the federal campaign, report warns
Privacy commissioner launches investigation into licence plate breach
With ransomware on the rise, RCMP urging victims to 'be patient with police'
Christian Leuprecht, a defence expert at Queen's University in Kingston, Ont., said defining critical infrastructure is a complex and evolving task.

He pointed to Russian interference in the 2016 U.S. presidential election; prior to that event, he said, the definition of critical infrastructure was limited to power plants, electricity grids and even the financial system.

"A lot of things people are wrestling with the question of what institutions — take, for example, democratic institutions — become critical infrastructure," said Leuprecht.

The Ukrainian attacks, in the view of many defence experts, are a blueprint of what the opening shots of a future war would look like.

"There's a considerable and growing awareness that our defence and critical infrastructure systems are closely tied together because countries, such as China, preserve cyberattack as a first-strike option," Leuprecht said.

Masson said there are ways to limit the vulnerability of operational technology systems. Not connecting them to the internet would be a start, but many companies are choosing not to do that for efficiency reasons.

He said they also can be protected with "robust" security systems.

On the same subject

  • An 'embarrassing' gear shortage has Canadian troops in Latvia buying their own helmets | CBC News

    June 5, 2023 | Local, Land

    An 'embarrassing' gear shortage has Canadian troops in Latvia buying their own helmets | CBC News

    Canadian troops in Latvia have been buying their own ballistic helmets with better ear protection and are looking at their allies with envy as Danish soldiers arrive with more modern Canadian-made weapons. It is a sign that the army’s problems with equipping its battle group in the Baltic go beyond the absence of modern anti-tank and anti-aircraft weapons.

  • Team Artemis Adds Canadian Companies for Royal Canadian Air Force’s Remotely Piloted Aircraft System Program

    April 22, 2021 | Local, Aerospace

    Team Artemis Adds Canadian Companies for Royal Canadian Air Force’s Remotely Piloted Aircraft System Program

    Highlights:  Four Canadian aerospace companies join team  Companies bring engineering, logistics, training and simulation and mission management expertise  Team's supplier base collectively employs more than 18,000 Canadians MIRABEL, Quebec, April 22, 2021 – Four Canadian companies have joined Team Artemis, expanding its expertise and capabilities to support the Royal Canadian Air Force's (RCAF) Remotely Piloted Aircraft Systems (RPAS) program. Airbus Defence and Space Canada, based in Ontario, joins Alberta-based companies ATCO Frontec, Canadian UAVs and Lockheed Martin CDL Systems as members of Team Artemis, led by L3Harris Technologies, a global technology innovator, and Israel Aerospace Industries (IAI), a world leader in unmanned aircraft system (UAS) development. The additions to Team Artemis bring expertise in aeronautics engineering, deployed logistics, training and simulation, and mission management capability. They complement team members that provide crucial Canadian components – the WESCAM MX-Series EO/IR turret from L3Harris and the PT6A engine from Quebec-based Pratt & Whitney Canada. L3Harris, with Canadian operations in 14 locations and six provinces, is serving as prime contractor and will provide C4ISR integration for the platform as well as all in-service support functions for the planned contract duration of more than 25 years. The Team Artemis supplier base collectively employs more than 18,000 Canadians, generates $11 billion in revenue and operates throughout the country. “The addition of these well-established, innovative and highly qualified companies further strengthens our position to offer the RCAF the most capable solution for its RPAS requirements,” said Ugo Paniconi, General Manager, L3Harris in Mirabel. “Our team will offer a proven, cost-effective solution, which will include substantial and sustainable Canadian industrial content – resulting in significant work packages and jobs across the country.” Team Artemis offers the Artemis UAS, which is based on IAI's Heron TP UAS but uniquely designed to meet Canadian specifications. The Heron TP has been in service for more than 10 years with the Israeli Air Force and has been selected by the German Armed Forces. It is the only combat-proven system that meets the RCAF's demanding operational requirements. The Government of Canada is planning to acquire an RPAS to help meet its defence needs. The RPAS will be integrated into a network of intelligence, surveillance and reconnaissance systems to enable near real-time flow of information essential to RCAF operations. L3Harris was selected as a qualified bidder in late May 2019. The request for proposal is expected to be released later this year, the contract awarded in 2022-2023 and the first system delivery is anticipated in 2024-2025. L3Harris is one of the country's largest and most diverse defense and security companies and employs more than 2,300 Canadian employees. To learn more, visit Forward-Looking Statements This press release contains forward-looking statements that reflect management's current expectations, assumptions and estimates of future performance and economic conditions. Such statements are made in reliance upon the safe harbor provisions of Section 27A of the Securities Act of 1933 and Section 21E of the Securities Exchange Act of 1934. The company cautions investors that any forward-looking statements are subject to risks and uncertainties that may cause actual results and future trends to differ materially from those matters expressed in or implied by such forward-looking statements. Statements about system capabilities, the value or expected value of orders, contracts or programs are forward-looking and involve risks and uncertainties. L3Harris disclaims any intention or obligation to update or revise any forward-looking statements, whether as a result of new information, future events, or otherwise. ###

  • Government of Canada Accepts New Vessels for the Canadian Coast Guard

    November 8, 2018 | Local, Naval

    Government of Canada Accepts New Vessels for the Canadian Coast Guard

    OTTAWA, Nov. 8, 2018 /CNW/ - The Government of Canada is making our oceans healthier, cleaner and safer than ever, thanks to the $1.5 billion Oceans Protections Plan. The Canadian Coast Guard's two new Channel Survey and Sounding Vessels (CSSVs) will support the ongoing commitment to ensure the safety of mariners in Canada as they serve as the platform for the Canadian Hydrographic Service's Channel Survey Program. The program collects information about channel conditions and water depth of the St. Lawrence waterway to assist in safe navigation. The Honourable Jonathan Wilkinson, Minister of Fisheries, Oceans and the Canadian Coast Guard has accepted two new CSSVs, called the CCGS Jean Bourdon and CCGS Helen Irene Battle, into the Canadian Coast Guard fleet. Under the Coast Guard's ship-naming policy, Channel Survey and Sounding Vessels are named after Canadian scientists, hydrographers, and explorers who have made significant contributions in their respective fields. In this case, Jean Bourdon carried out the first hydrographic studies of the St. Lawrence River, and Helen Irene Battle was an award-winning scientist and first woman in Canada to earn a PhD in marine biology. Both were important citizens whose contributions helped shape Canada. These new CSSVs were made in Canada by Kanter Marine of St. Thomas, Ontario, as part of the National Shipbuilding Strategy. These vessels will enhance the capability of the Department of Fisheries and Oceans, as well as other departments and agencies, to monitor and observe marine and environmental conditions. In addition, the new CSSVs will be able to assist with a number of activities related to search and rescue, aids to navigation, law enforcement, emergency response, and natural disasters, as well as supporting ecosystems and fisheries science in the region. Quote "This investment by the Canadian Coast Guard under the National Shipbuilding Strategy is a priority of the federal government. The new Channel Survey and Sounding Vessels will enable the Canadian Hydrographic Service to collect important data, while contributing to the safety of mariners through safe and efficient navigation on the St. Lawrence." The Honourable Jonathan Wilkinson, Minister of Fisheries, Oceans and the Canadian Coast Guard Quick Facts The Channel Survey and Sounding Vessels (CSSV), built by Kanter Marine of St. Thomas, ON, are a catamaran design of 11.95m in length. They will have a maximum speed in excess of 20kts and have a crew of four. The home port for the new CSSVs will be in Mont-Joli, Quebec; however, they will operate within the St. Lawrence River from Montreal to Isle-aux-Coudres. The new CSSV class reflects the advancements and new standards existing in the field of hydrographic surveys, such as multi-beam sonars, highly accurate positioning systems and modern data acquisition and processing technologies. The new CSSVs will allow hydrographic surveys to be conducted with better accuracy while reducing data gathering time. They will also be able to assist with a number of activities related to search and rescue, aids to navigation, law enforcement, emergency response, natural disasters as well as supporting ecosystems and fisheries science in the region. These two new vessels will replace the two current Channel Survey and Sounding Vessels (CCGS F.C.G. Smith and CCGS GC 03) operational in the St. Lawrence waterway, which have been in operation for an average of 37.5 years and are nearing the end of their lifespan.

All news