September 9, 2019 | Local, C4ISR

Norad asked Canada to 'identify and mitigate' cyber threats to critical civilian sites

by Murray Brewster

The U.S.-led North American Aerospace Defence Command (Norad) asked the Canadian military to do an inventory of its bases and the surrounding civilian infrastructure, looking for critical systems vulnerable to a cyberattack.

The letter to Canada's chief of the defence staff, written by then-Norad commander U.S. Admiral William Gourtney just over three years ago, was obtained by CBC News under access to information legislation.

Despite the passage of time, two leading cyber experts said the request highlights an enduring concern of both defence planners and people in high-tech industries.

The notion that a cyberattack could shut down civilian infrastructure — such as power grids, water treatment plants or traffic systems — in the vicinity of a military base is nothing new.

What is unusual is that Norad sought reassurance, at the highest levels of the military, that Canada was on top of the evolving threat.

The Norad commander asked Gen. Jonathan Vance to "identify and mitigate" Infrastructure Control Systems (ICS) vulnerabilities on Canadian military bases, particularly at "installations that are critical for accomplishing Norad missions."

The March 24, 2016 letter also urged Canada's top military commander to "advocate developing capabilities to respond to cyber incidents on CAF [infrastructure control systems] and defend CAF [infrastructure control systems] if required."

Gourtney's concern was not limited to defence installations; he asked Vance to "work with Public Safety Canada to identify civilian infrastructure that is critical to CAF and Norad missions. This includes developing processes for reporting cyber incidents on the identified civilian infrastructure."

Vance responded to Gourtney (who has since retired and was replaced by U.S. Air Force Gen. Terrence O'Shaughnessy) three months later and directed the military to hunt for vulnerabilities.

"I share Norad's concerns for the cybersecurity" of critical defence infrastructure, Vance wrote on June 10, 2016, in a letter obtained by CBC News under access to information legislation.

He noted that the Canadian government has identified "adversaries" that pose "a significant threat and efforts have been made to identify and develop protective strategies for Canadian critical infrastructure."

The Liberal government — through its defence strategy and overhaul of security legislation — tackled some of the concerns raised by Norad.

It gave the Communications Security Establishment (CSE) and the military new powers to conduct offensive cyber operations. Perhaps more importantly, it set up the Canadian Centre for Cyber Security for civilian infrastructure, which — according to CSE — aims to "be a place where private and public sectors work side-by-side to solve Canada's most complex cyber issues."

David Masson, a cyber expert, said minimizing the vulnerability of civilian, privately operated infrastructure continues to be an extraordinarily complex task.

The major vulnerability is in what's known as operational technology systems, the kind of computer-driven tasks in utilities and other infrastructure that open and close valves or perform remote functions.

The task of securing them is made extraordinary difficult in part by the wide variety of operating systems out there.

"There's lots of them," said Masson, the director of technology at Darktrace, a leading cybersecurity company. "Look at it as 50, 60, 70 different bespoke communications systems. There's no real standardization because they're so old. Many of them were never expected to be connected to the internet."

He pointed to the 2015 and 2016 cyberattacks on Ukraine's power grid, which in one instance cut electricity to 225,000 people, as examples of what's possible when hackers go after operational technology systems.

It is also the kind of event that Norad is concerned about.

"The kinds of equipment and machinery that supports the transport of natural gas or the provision of air conditioned services, or our water supply — all of those are critical to Canadians and our militaries," Lt.-Gen.Christopher Coates, the Canadian deputy commander, said in a recent interview with CBC News.

He said Norad is focused on the capabilities that are essential to doing its job of defending North America against attack, and they try to "minimize those vulnerabilities where we can."

There is, Coates said, an interesting discussion taking place at many levels of the military about what constitutes critical infrastructure.

"You asked if we're satisfied. I get paid to be concerned about the defences and security of our nations. I don't think I should ever be satisfied," he added.

'Inauthentic activity' in Alberta election a possible preview of tactics in the federal campaign, report warns
Privacy commissioner launches investigation into licence plate breach
With ransomware on the rise, RCMP urging victims to 'be patient with police'
Christian Leuprecht, a defence expert at Queen's University in Kingston, Ont., said defining critical infrastructure is a complex and evolving task.

He pointed to Russian interference in the 2016 U.S. presidential election; prior to that event, he said, the definition of critical infrastructure was limited to power plants, electricity grids and even the financial system.

"A lot of things people are wrestling with the question of what institutions — take, for example, democratic institutions — become critical infrastructure," said Leuprecht.

The Ukrainian attacks, in the view of many defence experts, are a blueprint of what the opening shots of a future war would look like.

"There's a considerable and growing awareness that our defence and critical infrastructure systems are closely tied together because countries, such as China, preserve cyberattack as a first-strike option," Leuprecht said.

Masson said there are ways to limit the vulnerability of operational technology systems. Not connecting them to the internet would be a start, but many companies are choosing not to do that for efficiency reasons.

He said they also can be protected with "robust" security systems.

https://www.cbc.ca/news/politics/norad-cyber-civilian-1.5273917

On the same subject

April 25, 2019 | Local, Aerospace

Charlie Bouchard steps down from Lockheed Martin Canada’s top job
DAVID PUGLIESE, OTTAWA CITIZEN Charles Bouchard announced his decision Wednesday to retire as Chief Executive, Lockheed Martin Canada effective April 30. Bouchard, a retired lieutenant general, served in the role for nearly six years. He had a 37-year career in the Royal Canadian Air Force. “I have thoroughly enjoyed serving Lockheed Martin Canada and Lockheed Martin Corporation and while the time has come for me to retire, I will remain an ardent supporter and advocate of the work Lockheed Martin does to deliver the best equipment to today's modern warfighter, the F-35 being a primary example,” Bouchard said in a statement. Lorraine Ben will serve as Interim Chief Executive. https://ottawacitizen.com/news/national/defence-watch/charlie-bouchard-steps-down-from-lockheed-martin-canadas-top-job
July 17, 2024 | Local, Land, Security

Equalization, NATO spending dominate premiers’ meeting
B.C. Premier David Eby backed Newfoundland and Labrador’s legal challenge of the federal equalization payment program, while Manitoba Premier Wab Kinew called on the federal government to meet NATO’s two per cent spending target “within the next four years.”
May 14, 2018 | Local, Aerospace

RCAF working toward new sniper pod placement on CF-188 Hornet
Chris Thatcher In a two-by-three metre wind tunnel at the National Research Council of Canada's (NRC) aerospace research centre in Ottawa, aerospace engineers are gathering data for the Royal Canadian Air Force (RCAF) this week to validate the placement of the sniper pod on the centreline station of the CF-188 Hornet. “For this configuration, we are running at close to takeoff and landing speeds to simulate the take off and landing of the F-18, about 100 metres per second or almost 200 knots,” explained Melissa Richardson, an aerodynamics research officer and the project manager for the testing process, as wind whipped over the inverted nose landing gear and sniper pod. The CF-188 fighter jet has carried a certified sniper pod on the left side of the fuselage, below the engine intake, since the aircraft were upgraded in the early 2000. But lessons from recent operations over Libya in 2011 and Iraq and Syria between October 2014 and March 2016 convinced pilots they would have a better view of possible targets with the centerline placement. “We found a lot of our missions revolved around looking at the ground, monitoring areas of interest and targets for missions that are four to five hours long,” said Capt Tom Lawrence, a CF-188 pilot and the project officer for fighter weapons and equipment. “When [pilots] are manoeuvring their aircraft, there is a chance of the aircraft actually masking the targeting pod. Putting [it] on the centre of the aircraft allows a larger field of regard.” Rather than bank left to maintain focus on a target, the new placement should ensure an uninterrupted view of the ground or target aircraft, “taking that frustration out of the pilot's mind,” he said. “They can just focus on the imagery and the task at hand.” Lawrence said it could also make it easier for pilots to employ weapons and assess battle damage effects. The purpose of the wind tunnel tests is to measure the aerodynamics created by the nose landing gear on the sniper pod mounted behind it at times when it is most exposed to turbulence, said Richardson. Among concerns before the tests began were the effect of significant vibration on the pod and the possibility of debris being kicked up by the wheels and striking its protective glass shield. “[We need to] make sure the aircraft is safe to operate with the sniper pod on this new location. That means it can take off and land without excessive vibration, that the loads are still within acceptable limits,” explained Capt David Demel, the certification authority with the RCAF's Technical Airworthiness Authority. “This is the goal of the current wind tunnel test, to confirm that before we move to the flight test phase in Cold Lake in the September timeframe.” A second a high-speed equivalent test will be conducted by the NRC at its high speed trisonic wind tunnel in about three weeks, using a six per cent scale model, that will include ensuring engine intake airflow is not affected. Test pilots with the Operational Test and Evaluation Unit in Cold Lake will then recertify operational airworthiness of the sniper pod in its new placement. While the testing facilities are being provided by the NRC, the vibration data is being gathered and analyzed by Bombardier, which has provided some of the instrumentation. The sniper pod and landing gear were installed in the wind tunnel by L-3 MAS, which will have the task of mounting the pods in the new location on the entire CF-188 fleet–including the 18 F/A-18 Hornets the government is negotiating to buy from the Royal Australian Air Force–once approved. “We're all collaborating on the project as it goes through each phase, from technical airworthiness to operational airworthiness,” said Lawrence. https://www.skiesmag.com/news/rcaf-planning-new-sniper-pod-placement-cf-188-hornet/

All news