By ALEX BOUTILIER Ottawa Bureau
OTTAWA–Canada's domestic spy agency is in the market for hackers.
The Canadian Security Intelligence Service (CSIS) wants to hire a “network exploitation analyst” to assist the agency in “cyber investigative activities.”
The successful candidate will be expected to build new tools for the spy agency to carry out electronic snooping, develop and maintain a database of “malware” exploits, and provide analysis of “technical artifacts,” according to the job posting.
CSIS, which investigates activities suspected of constituting threats to national security, can and routinely does rely on its sister agency, the Communication Security Establishment (CSE), for high-tech help with its espionage efforts. While CSE is focused on gathering foreign intelligence and is forbidden from spying on Canadians, it can assist domestic law enforcement and intelligence agencies with their own investigations.
But one spy watcher said CSIS building up an in-house capability for cyber spying may have less to do with traditional espionage than with its new powers actually to disrupt threats to Canada.
Ronald Deibert, the director of Citizen Lab at the University of Toronto's Munk School of Global Affairs, said he's not surprised CSIS is in the market for hackers — state-sponsored hacking is on the rise, and the Liberal government's new national security laws empower Canada's spy agencies to take part.
But Deibert, one of Canada's foremost cybersecurity researchers, told the Star that he has significant concerns about the agencies' new electronic powers.
“While (Liberal national security bill) C-59 placed some limits and provided some clarity on what those disruption powers would entail, the prospect of CSIS hacking in any form should give everyone pause, especially because there is still a lot of uncertainty around what that mandate would allow,” Deibert said in an email.
“Practically speaking, CSIS hacking could include computer network interference in a foreign election process, compromising the integrity of important digital tools that Canadians rely on for everyday privacy and security, creating fake online personas and using them to spread disinformation and more.”
John Townsend, a spokesperson for the spy agency, said Bill C-59 gives the agency “clear legislative authority” for the collection and analysis of information not “directly or immediately” related to national security threats.
Full article: https://www.thestar.com/news/canada/2019/01/03/canadas-domestic-spy-agency-looking-to-hire-hackers-and-data-scientists.html