Language selection

Government of Canada / Gouvernement du Canada

Search

Background information: Standing Committee on Public Safety and National Security: Canada’s Security Posture in Relation to Russia (June 9, 2022)

Standing Committee on Transport, Infrastructure and Communities summary: Threats to Canadian Waters, Ports and Airspace ()

Report on Parliamentary Committee Hearing

Name of Committee: Standing Committee on Transport, Infrastructure and Communities (TRAN)
Subject: Canada’s Preparedness to Respond to Russian Threats to Canadian Waters, Ports and Airspace
Date and time: ; 3:30 pm to 5:30 pm ET
Location: Room 315, Wellington Building, 197 Sparks Street
Report prepared by: Parliamentary Affairs Unit, Canada Border Services Agency

Witnesses

3:30 pm to 4:45 pm

Public Safety Canada (PS)

Ryan Schwartz, Acting Director General, Critical Infrastructure Directorate, National and Cyber Security Branch

Canada Border Services Agency (CBSA)

Denis Vinette, Vice President, Travellers Branch

Communications Security Establishment (CSE)

Rajiv Gupta, Associate Head, Canadian Centre for Cyber Security

4:45 pm to 5:30 pm

BlackBerry

Dr. John de Boer, Senior Director, Government Affairs and Public Policy, Canada

Highlights

On , the House of Commons Standing Committee on Transport, Infrastructure and Communities (TRAN) adopted a motion introduced by Melissa Lantsman, the Conservative committee Vice-Chair:/p>

That, pursuant to standing order 108(2) and in light of the presence of Russian vessels on Canada’s east coast and the violation of prohibited airspace by Russian aircraft, the committee immediately undertakes a study of Canada’s preparedness to respond to Russian threats to Canadian waters, ports and airspace; that this study include two meetings; that the committee invite the Minister of Transport to appear, as well as other witnesses, at the request of the committee; and that the committee report its findings to the House.

The first meeting was held on , with the Minister of Transport alongside officials from Transport Canada. Witnesses from NAV CANADA appeared during the second hour.

The second meeting was held on , at which officials from PS, CSE, and the CBSA appeared for the first hour and fifteen minutes. For the remainder of the meeting, TRAN heard from Blackberry. Overall, the meeting went well and most questions were directed at CSE and PS. MPs were largely eager to hear about Canada’s preparedness and response mechanisms to potential cyber threats. They also inquired on any attempts from Russia to interfere with Canadian critical infrastructure (CI) systems, and if cyber threats had increased since the Russian invasion of Ukraine. Of note, the CBSA answered questions on various subjects, including:

  • The potential involvement of CBSA employees involved in foreign interference
  • Indications of foreign States attempt to work with national groups to encourage blockades of CI at Canada’s border crossings
  • CBSA’s ability to properly secure infrastructures at ports of entry (POE), including ports and airports
  • The impact of sanctions against Russia on CBSA’s daily operations
  • Requesting clarification around the Russian aircraft that landed in Yellowknife, Northwest Territories
  • CBSA’s ability to properly identify and screen Ukrainian refugees

An approximate transcript of all questions and answers is available at the end of this report.

Follow-ups

There are no follow-ups for the CBSA.

Next steps

Pursuant to the motion adopted on , it is expected that the Committee will draft and complete a report to be tabled in the House of Commons.

Meeting summary

To begin, Vice President Vinette then opened his remarks by explaining that the CBSA assesses the security risk and admissibility of persons coming to Canada. Admissibility of all travellers, he added, is decided on a case-by-case basis and based on the information made available at the time of entry. He explained that beyond the screening of travellers, the CBSA also uses a number of automated advance information sources from carriers and importers to identify goods and conveyances that may pose a threat to Canada. Specific to Russia, VP Vinette note that the CBSA is supporting the whole-of-Government response to the Russian invasion of Ukraine and is assisting Global Affairs Canada in the administration of the Special Economic Measures Act, the United Nations Act, Justice for Victims of Corrupt Foreign Officials Act, and Export and Import Permits Act. He ended his remarks by saying that the CBSA work with Transport Canada and the RCMP to ensure that security and sanctions are applied appropriately.

The witness from Communications Security Establishment (CSE) delivered opening remarks in which he explained that CSE was Canada’s lead technical authority for cyber security. He also stated that CSE has been tracking cyber threat activity associated with the current invasion of Ukraine by Russia. CSE continues to monitor the cyber threat environment, in Canada and globally, including those targeting critical infrastructure (CI) networks and operational and information technology systems. He also noted that CSE shares cyber threat intelligence with key partners, and issues unclassified threat bulletins on its website. Some bulletins specifically urged Canadian CI operators to be aware of threats and implement mitigation plans against known Russian cyber threat activities.

The witness from Public Safety (PS) delivered opening remark in which he stated that Public Safety leads the federal cyber security policy development, including the STRETEGY, as well as efforts to strengthen CI resilience in Canada. In this context, the federal government has taken steps to increase awareness for Canadians, especially CI owners and operators, of cyber threats, including those posed by Russian backed actors. PS and other departments and agencies work closely with allies, including international partners, to ensure Canada is prepared if our cyber systems were to be targeted. PS also does CI impact assessments in order to share information with industry on cyber risks and inform them of potential mitigation measures. PS concluded by saying that work is currently underway to develop a new strategy and approach to CI resilience, during which PS will work with federal partners, provincial and territorial counterparts, private sector stakeholders, etc.

Approximate transcript of questions and answers

Note: Questions directed to the CBSA are marked with the label Label: Question directed to the CBSA

Questions from the Conservative Party of Canada

Terry Dowdall

Question: During a media briefing on , Daniel Rogers, the Associate Chief of Communications Security Establishment (CSE), said that in light of the Russian invasion of Ukraine, the CSE strongly encourages all Canadian organisations to take immediate action and bolster their online cyber defences. While Mr. Rogers said that the CSE was not aware of any specific threats to Canadian organisations related to events in and around Ukraine, he pointed to a historical patterns on cyber attacks against Ukraine and other countries. In particular, Mr. Rogers said that CSE was monitoring cyber threats targeted at critical infrastructure networks, including those in the financial and the energy sectors. This is concerning for Canadians as so much of our personal and financial information is now stored in the cloud, in our computers or on our phones. Have we seen an uptake in attacks by either Russia or China since the invasion began?

Answer: (CSE) In Canada, from the Cyber Centre perspective, we have not seen that uptake in attacks against Canadian infrastructure.

Question: Do you think Canadian energy and financial companies are putting all the necessary levels of security to keep our personal information safe?

Answer: (CSE) We engage these sectors regularly. They are engaged in terms of the briefings that we are giving and I feel that they are working and listening to the threat advisories that we are putting out.

Question: On a scale from 1 to 10, 10 being extremely secure, where would you rate the preparedness of Canada’s financial and energy sectors against cyber attacks as of today?

Answer: (CSE) It would be difficult to rate, I would not be able to do that. I will say that they are engaged and are competent. We know that they are working on it. We are not regulators, so I don’t know exactly how they are mitigating their risks. But I do know that they tend to understand the advice and guidance.

Question: Last week, the U.S. Congress passed a new cyber security law which requires critical infrastructure entities to report cyber security incidents within 72 hours, and ransomware payments within 24 hours to the security agency. Is that something we should be doing in Canada?

Answer: (CSE) To start, we work on a voluntarily basis. We encourage all Canadians entities to report immediately to us, we are here to help. In terms of what happened in the U.S., we will be working with our counterparts in the U.S. to learn how it is working there and then educate ourselves based on their experience.

Answer: (PS) Just to quickly go back to the previous question on whether certain sectors are prepared. Further to my colleague’s comments, this is top of mind for industry associations. With respect to greater diligence and some of the proposals that you mention from the U.S., I would flag that Budget 2019 did provide some funding to support new legislation named at protecting Canada’s critical cyber systems in four sectors: finance, telecommunications, energy and transport. This continues to be developed by key departments and agencies.

Matt Jeneroux

Question: Mr. Gupta, can you expand on the comments you made about sharing information with government and understanding how does that happen? Does an incident occur and then you connect with the Minister directly or is it through a connection with a specific department for which it pertains to? If you could outline this more it would be helpful.

Answer: (CSE) Absolutely. I’ll make the assumption that we are talking of instances that are happening within government. Please clarify this after if needed. Within the government, the Canadian Centre for Cyber Security does monitor government departments. We have a variety of censors, we look at networks, the cloud, we gather information. We have analytics that run to take automated actions to defend the government and occasionally something gets through and there is an incident. At that case, we have a shared inbox for all government departments to notify us of an incident. Otherwise, we are typically notifying the departments that an incident happened, we assess the severity of it. If the incident is looking like it is going to expand beyond the simple control of a single department, then we escalate through a process we call the Cyber Security Emergency Management Plan that is led by TBS, and that involves stakeholders, including CCCS, Treasury Board and Shared Services Canada. There is a very structured process which we escalate through that program, calling on different levels of communications involving different departments.

Question: Are the Ministers of these departments then notified as well or is it through this command system?

Answer: (CSE) It is through that command system, basically the Cyber Security Emergency Management Plan, and this specifies the levels of notifications as you progress through the levels depending on the severity of the incident.

Question: Has there been any Russian attempts of cyber infiltration on Canadian waters, ports and airspace in 2022?

Answer: (CSE) Not that we are aware of in terms on incidents.

Question: Are any incidents under investigation?

Answer: (CSE) We do not speak to operational specifications here.

Question: Your Agency has urged organisations to report unexpected or unusual network behaviour. How many reports has your Agency received since Russia invaded Ukraine, or in the last month?

Answer: (CSE) I’m not sure of the exact number, each week we gather the numbers. We have received all sorts of reports at the Canadian National Cyber Centre. Probably in the hundreds or less than one hundred in terms of our typical intake. We believe those number to be underreported.

Question: Of these hundreds, what industries are you receiving these reports from?

Answer: (CSE) It’s across the sectors and they are from Canadian organisations.

Question: Is this higher in the last 3 years, or consistent?

Answer: (CSE) We are not seeing anything unusual in terms of the numbers of cyber threats. Threats tend to change overtime. We do not control the reporting.

Label: Question directed to the CBSA

Question: To CBSA and Public Safety, how many employees have been relieved of their duty for perceived or actual involvement in foreign interference since 2015? And if that number is zero, how many active investigations are ongoing?

Answer: (CBSA VP, TB) I’m not aware of any, I would have to verify on that front. Those are investigations that are normally undertaken by the RCPM and they would probably be better positioned to speak about any insider threat type of activity that would have been investigated at the CBSA.

Dan Muys

Question: Given the increase in serious cyber threats and in the context of deficiencies in defence spending by this government, would you say that there is a shortfall in what we should be spending on cyber security?

Answer: (CSE) In terms of resources, that might be more of a policy question. But I would highlight that cyber security is an all of society consideration and there are obligations on the providers as well as on government to provide elements of cyber security. It is a balance. Government needs to provide advice, guidance, tools and information to help organisations equip themselves and organisations need to invest in implementing those foundational cyber security and cyber resilient elements that they need to defend themselves.

Question: Would anyone from Public Safety or CBSA want to comment on that?

Answer: (PS) I would add that Budget 2019 allocated, I think, about $508 million for efforts to advance the renewed Cyber Security Strategy. I’d also say that there would be, and I don’t have a number for this, other resources that are applied there. For example, in my own group, efforts are undertaken to deliver programs that are not counted or lumped in as part of that $508 million.

Question: Would you say you have the resources you need now or would you need more?

Answer: (PS) This is a growth industry, if you will. I say that in the scope of the challenges is growing. I think significant investments have been made. As my colleague at the Cyber Centre said, cyber security and critical infrastructure security and resilience is a shared responsibility. I’m encouraged by the fact that a number of stakeholders in both the public and private sectors are working together, sharing resources and information to address this. The nature of the commitments that have been signaled in the mandate letter of Public Safety to renew a Strategy, I think it signals the intent to do more work here. But I can’t speak of whether we need more money at this point in time.

Question: Moving to energy infrastructure, as we look at critical infrastructure that needs to be protected, we know in May of last year, the Colonial Pipeline in Texas, which provides half the gasoline for the eastern U.S. was shut down for nearly a week due to a ransomware attack. You talked about how the ransomware threat is the one that has the biggest impact on Canadians. In terms of our critical transportation infrastructure, but also our energy infrastructure, are we prepared to a potential future attack?

Answer: (CSE) Absolutely. You highlighted Colonial Pipeline, that was certainly important. We took hat incredibly seriously and it was in line with what we had predicted in our Cyber Threat Assessment. In December [of 2021], we went on a ransomware campaign to educate Canadians to promote the tools and resources to help organisations equip themselves. In addition, we continuously share information on ransomware with the various sectors. You mentioned energy, we work closely with the energy sector and we have established two programs called Lighthouse, the other Blue Flame, with the gas industry across Canada to exchange cyber threat information in real time to help protect them. These are two pilots that we think are important to protect the energy sector.

Questions from the Liberal Party of Canada

Annie Koutrakis (Parliamentary Secretary to the Minister of Transport)

Label: Question directed to the CBSA

Question: Are there reasons to believe that foreign states could attempt to work with national groups to encourage the blockages of critical infrastructure with border crossing as we saw earlier this year?

Answer: (CBSA VP, TB) We are still in a period of exchange of information and we are listening to see what might compromise the fluidity of our border crossings given the importance to them to Canada’s safety and security. To answer your question directly, I have no information that shows that at the moment. But following the sanctions that have been set, we are ensuring that there are no border crossings from any country that is targeted. If we detect any radiation in the ports for example, we verify containerships that are arriving to see if there are any chemicals on board. I have no information at the moment that there are any efforts to bloc our borders.

Answer: (PS) I would preface this by saying I have no further intel then Mr. Vinette’s response. Looking back to the example of the recent blockades in February, I think another area worth examining is the effect of misinformation and disinformation, which can cascade across social media platforms and be used to incite certain responses that have negative and disruptive consequences on Canadian critical infrastructure, notably in the context of transportation. They can have strong destabilizing effects from a critical infrastructure stability and reliability perspective but also in terms of social cohesion.

Label: Question directed to the CBSA

Question: The situational awareness in terms of the marine and maritime, is it good enough to really protect our ports and our airspace?

Answer: (CBSA VP, TB) At the CBSA, we are partners with Transport Canada in terms of the responsibilities ensuring the regulation and the security at airports and in the ports. We always work closely with them to ensue that, as soon as there is any threat and any information that reaches one of our partners, it is shared. It is then assessed to determine whether a response is required. Whether it is maritime groups that are on our shores, or the integrated teams of the RCMP, the Coast Guard or our military partners, we work together to have an overview of what is happening on the seas. This is an example of the efforts that we make to secure our ports of entry in terms of ship movements. There is a similar effort made for airports.

Question: Do we have our own offenses capabilities we can use against Russia as retaliation if they try attacking our critical infrastructure?

Answer: (CSE) from a CSE perspective, we have defensive cyber operations that we have both in legislation and capability to perform.

George Chahal

Question: Mr. Gupta, to your knowledge, where do most of the cyber attacks or attempted attacks against Canada originate from?

Answer: (CSE) Cyber attacks can originate from anywhere in the world. Where they originate from does not necessarily represent where they are coming from. Threat actors are always trying to hide where they are coming from. From our threats assessments in 2018 and 2020, we talked about major threats facing Canada, the number one being cybercrime. In addition to that, we highlighted the State sponsored programs of Russian, North Korea and Iran.

Question: Which countries are the best at defending against cyber attacks and what can we learn from them?

Answer: (CSE) I don’t know if there is a real assessment as to which country is the best. The government of Canada has a fairly significant cyber defence program. We have divested technologies from Canada to other countries such as the U.K. We have a good program here and we work closely with our Five Eyes Partners to make sure we are amongst the best.

Question: Do you see Canada as a global leader in defending against cyber attacks?

Answer: (CSE) Yes.

Question: Mr. Schwartz, in your opening remarks, you talk about Public Safety Assessments and the impact to our transportation, ports and electrical grids. Have you seen Russian actors attacks or attempt attacks on our transportation infrastructure, either in Canada or in other countries?

Answer: (PS) Given the operational nature of the question, I will have to defer to my colleague at the Canadian Centre for Cyber Security.

Question: Can you talk about the work you have done regarding those sectors?

Answer: (PS) Absolutely. We have two programs, one of which is the Regional Resilient Assessment Program, with a physical and cyber security component. These are programs that go out to 10 critical infrastructure (CI) sectors across the country and has done a number of assessments at various CI facilities. There is a robust physical security assessment that we use with CI owners. That is complemented by the Canadian Cyber Resilience Review. In addition to that, we have a new tool this year called the Network Security Resilience Assessment that is able to look at facilities networks for weaknesses. We are collaborating with the Canadian Centre for Cyber Security in that respect. In addition, we undertake critical infrastructure impact assessments that look at cascading impacts on sectors, including interdependencies between sectors.

Question: Mr. Gupta, have we seen Russian backed hackers attacks or attempt to attack transportation port infrastructure before, here or abroad?

Answer: (CSE) I’m not aware of the port activity that you talk about.

Angelo Iacono

Question: What is the nature of these attacks? Are they denial of service attacks or ransomware attacks?

Answer: (CSE) In terms of the nature of attacks, we were describing ransomware. Ransomware is a threat where a threat actor will gain access to your network and encrypt your valuable data and hold it hostage until a ransom is paid. This threat has evolved to the point where the ransomware threat actors will actually take your data as well as encrypt it and threaten to extort you in terms of threatening leakage of the information. They are financially motivated, they will do what ever it takes to get that money. As we have seen, targeting various sectors, including healthcare, that have significant impact on lives. There are different types of threats, such as distributed denial-of-service (DDoS) attacks, and sometimes they are linked to ransomware as well. Actors will overwhelm a network with traffic and ask for a ransom to turn it off, but those are less common. There is also traditional espionage and theft of intellectual property or sensitive data which results in data breaches.

Label: Question directed to the CBSA

Question: Is it true that Russia often deals with non State actors such as criminal organised crime networks to guide their attacks so they can more easily deny them? Mr. Vinette?

Answer: (CBSA VP, TB) Excellent question, but it should be answered by my colleagues, thank you.

Answer: (CSE) In our threat assessment, we did highlight the links between Russia and some criminal organisation in saying that they were able to operate with relative impunity in countries in which they operated.

Question: In your opinion, what are the vulnerabilities we should be protecting in our own transportation networks?

Answer: (PS) From the perspective of pubic safety and critical infrastructure resilience, I think one of the main vulnerabilities that we see across CI sectors are industrial control systems that run power plants or traffic lights. These are some legacy systems that were not intended to be connecting to the Internet, but now are. From our perspective, a key vulnerability is industrial control systems in general. That would not just apply to the transportation sector, that applies across sectors. The impact is the interdependencies between sectors that can have a cascading effect. This is why exercises in terms of planning and preparing for such events are helpful as well. To the previous question, in terms of the energy sector, there are a number of exercise that we undertake with the private sector. Natural Resources Canada is the lead department for the energy utility sector.

Questions from the Bloc Québecois

Xavier Barsalou Duval, Critic for Transport, Infrastructure and Communities

Label: Question directed to the CBSA

Question: Mr. Vinette, I would like to know, since the government announced the series of measures regarding Russia, following the invasion of Ukraine, has those sanctions have any effect on your work? How have you adjusted your way of working since that time?

Answer: (CBSA VP, TB) Yes. In fact, we are always watching what is happening, whether it is merchandise or individuals, arriving when there are sanctions in effect. We have done that with North Korea in the past and now we have added the new sanctions in effect. We have issued directives to our agents so they are aware of the new decisions and sanctions. They can target and look at information to decide if we have ships or planes or cargos arriving that would be subject to the new sanctions. If so, we proceed to detain them and get in contact with Global Affairs to see if they should be seized or if we should refuse their entry into Canada. To say that we have put measures in place, yes. The immediate impact has not been very big. There have not been many ships or much merchandise coming in.

Question: I was wondering, because we had NAV CANADA and Transport Canada on the flight bans for Russian aircrafts overflying Canada, and there was some confusion as to the directives that were given. It was not clear what Transport Canada said at the outset so that there was a bogus humanitarian flight that, despite the ban, went through our airspace. Have you seen any indications or anything similar where we need some clarification regarding new measures put in place by the government?

Answer: (CBSA VP, TB) We do regular targeting on all trucks and aircrafts coming into the country. We work with the other intelligence services to check and go more in-depth when we have suspicions that there might be aircrafts that are about to arrive that might be in contravention to the sanctions. I think for the moment, it’s really up to Transport Canada, but we support their effort by ensuring that we carry out more in-depth checks and as soon as we have suspicions, we advise Transport Canada that there might be an incident or some transportation that should be investigated.

Question: In the end, you did not receive unclear directives?

Answer: (CBSA VP, TB) No. We work very closely with them [Transport Canada] daily.

Question: Have you played a role in the people that were forced to land in Yellowknife as an Agency? What happens with those people, Russian nationals, for example, who were not authorized, were not Canadians, and were forced to land? How do we send them home? Because we do not have any flights going to that country. How are these people treated, and I imagine we won’t keep these people in jail forever.

Answer: (CBSA VP, TB) There are two aspects to the answer. That was a small plane, it was not a commercial flight. It was a private aircraft. When we are informed that they would be subject to the sanctions, we informed Transport Canada and they are in charge of targeting that aircraft. As for the passengers, we did have a role to play to determine whether or not those people were in possession of the necessary documents to enter the country. And I have to say that there is no ban on Russians entering the country at this point, so it would perhaps be an issue of them entering regarding their [past/passport] that might be the reason from preventing them from coming in. We make sure that this is followed up by our agents. In the example of Yellowknife, they [the passengers] were sent to Calgary and then perhaps Toronto to leave the country and we would confirm their departure to ensure that they have indeed left if they were rejected.

Question: In your opinion, since we have many refugees coming from Ukraine, would that present a big challenge in terms of identifying those people? How do you ensure that the person you are facing is, indeed, that person?

Answer: (CBSA VP, TB) It is a very good question. We are in a position of welcoming Ukrainians coming into the country. The screening that is done, as we use biometrics, we check their documents and also their digital fingerprints, for example. We do all of these checks before they receive a permit to be able to travel to Canada. We do that to support the Immigration Department, so we have all these components of security. There is always a risk. People try to infiltrate a humanitarian process of this kind, and we ensure that we have all the measures in place.

Question: Mr. Gupta, Canada’s national index on cyber security is 66/100 which puts it in 34th place in the world in terms of cyber security. If we compare ourselves to countries like Germany, which has between 86-89/100 or France, who has 84/100, I don’t want us to look like amateur. What do we have to work on to improve that rating? What explains that our rating is so low compared with other countries?

Answer: (CSE) I’m unfamiliar with the index being referenced. Most importantly to me is right across the country we start implementing the basics of cyber security. It is foundational and applies to any types of threats, whether Russia, ransomware, cyber crime, of hacking. We have put out advice and guidance that make our country solid. I think working on those types of basic elements of cyber security is critical to making sure that we are ready and resilient to respond to any type of threats.

Question: Are you working on the implementation or the enhancing of cyber security as well in terms of provincial governments and municipalities, or do you focus on the federal government?

Answer: (CSE) We work closely with our provincial partners. I have recently met with all of the provincial CISOs across Canada. We see that as a collaborative effort to be able to increase cyber security in Canada.

Questions from the New Democratic Party of Canada

Taylor Bachrach (Critic for Infrastructure and Communities)

Question: Mr. Gupta, the Canadian Centre for Cyber Security (CSC) 2020 National Cyber Threat Assessment found that State sponsored cyber activity poses the greatest strategic threat to Canada and that this is likely to disrupt critical infrastructure in our country. Would you say that this assessment from two years ago is still accurate?

Answer: (CSE) I’ll mention two things. Within that report, we mention the greatest long term strategic threat to Canada was State sponsored activity, which is typically things that work against economic prosperity, national security as well as our democratic values. When you put all those together, that is when we are talking about the long term strategic threat. We also highlighted, in this assessment, the threat from ransomware, particularly the threat of ransomware against critical infrastructure, which we said would have the biggest impact on Canadians. That, unfortunately, has come true since the 2020 assessment. Last year, we have seen ransomware be the threat that had the biggest impact on Canadians. But with respect to the long term strategic threat, it is still the threat posed by the Nation States when you include our economic prosperity, national security and democratic values.

Question: Following the assessment in 2020, has the CSC conducted any analysis of specific threats to marine or air transport infrastructure?

Answer: (CSE) Unfortunately, we do not have a specific threat assessment for those two sectors. We have done some [assessments] to operational technologies in ICS systems which we believe are relevant when you look at the transportation sector, it is a combination of IT and opti-technologies.

Question: In March, the U.S. President issued a statement that warned against the potential that Russia could conduct malicious cyber activity against the U.S., including in response to the unprecedented economic costs that they have imposed on Russia alongside their allies, including Canada. Can you describe how the global cyber threat environment has changed since Russia’s invasion of Ukraine?

Answer: (CES) Going back to the 2020 Cyber Threat Assessment, we did mention that there were Nation States that have been developing capabilities to disrupt critical infrastructures. They had been doing reconnaissance in countries like Canada, but we did say in the 2020 Cyber Threat Assessment, in the absence of hostility or conflict, those threats would be low. Given the escalating tensions created in Europe, we have started warning Canada. On January 19, we posted our first escalating tensions bulletin urging critical infrastructure operators to be vigilant and to move to implement some of the recommendations that we had put forward in terms of preparation. We reinforced that further in February in another bulletin, with respect to destructive malware in Ukraine and others to continue to warn Canadians and inform them of what was going on. Just recently, as you referred to the U.S., Biden up the urgency once again. And we reinforced that on our website.

Question: Based on the available information, has there been an increase in the number of attempted cyber attacks targeting critical infrastructure, including transportation infrastructure, in the U.S. or in western allied country since Russia’s invasion?

Answer: (CSE) At this point, we have not seen an increase. We have knowledge of the cyber threats happening, but it would be the threats that we would have forecast happening already.

Question: You mentioned earlier the 2017 NotPetya cyber attack and we heard from Public Safety about some of the steps that they have taken since then to protect Canadian marine and shipping infrastructure. How vulnerable in marine shipping specifically in Canada?

Answer: (CSE) NotPetya was attributed to Russia, this answers an earlier question in cases we are aware of these. In terms of the vulnerability, I will turn that over to my Public Safety counterpart. We helped develop the tool, but the assessments and the knowledge and information that is fed back from that would not be in the hands of the Cyber Centre.

Answer: (PS) The work that we have done on ports with respect to some of the resilience assessment tools that we have, we have done physical security assessments at 14 facilities in Canada. We have only done cyber security assessments at four facilities. If you are wondering if that is low, it is. Part of the reason for that is that the programs that we offer are not mandatory, but voluntary, where Public Safety administers them on a free of charge basis. We rely on CI stakeholders coming to us to undertake these services. In this case, it is a low sample size, and from that we can’t draw specific comparison based on the overall vulnerability. We don’t share that information broadly, we sign confidentiality agreements with the CI owners and operators.

Question: In 2016, Transport Canada issued a best practices advice paper on cyber security for the maritime sector. I note it has not been updated since 2016. Have the cyber risks in the last six years evolved when it comes to the marine sector, and, if so, why has that best practices paper not been updated?

Answer: (CSE) This is not a product from the Cyber Centre, I’m not entirely aware of it. We do update our advice and guidance regularly on the Cyber Centre webpage. Much of our advice and guidance apply across the sectors and I would recommend people visit our site for the latest information.

Question: Transport Canada publically released proposals to modernize the marine security clearance program in 2021 and these proposals adjust the existing risk base requirements for individuals based on their access to critical systems and it adjusted them to include extending security vetting to anyone that is involved in the moving of marine cargo. Do you believe that the current profile of cyber security threats necessitates a significant expansion of security clearance requirements?

Answer: (PS) Unfortunately, I cannot answer that question. I believe this question would be best directed at Transport Canada.

Standing Committee on Public Safety and National Security: Committee overview

Committee Members: At a glance

Committee Members: At a glance
Name Political affiliation Constituency  
Chair
Jim Carr Liberal Winnipeg South Centre, Manitoba not appicable
Vice-Chairs
Raquel Dancho Conservative Kildonan—St. Paul, Manitoba Shadow Minister for Public Safety
Kristina Michaud Bloc Québécois Avignon—La Mitis—Matane—Matapédia, Quebec Critic for Public Safety and Emergency Preparedness, Climate Change, Youth
Members
Paul Chiang Liberal Markham—Unionville, Ontario Parliamentary Secretary to the Minister of Housing and Diversity and Inclusion (Diversity and Inclusion)
Pam Damoff Liberal Oakville North—Burlington, Ontario Parliamentary Secretary to the Minister of Public Safety
Dane Lloyd Conservative Sturgeon River—Parkland, Alberta Shadow Minister for Emergency Preparedness
Alistair MacGregor New Democrat Cowichan—Malahat—Langford, British Columbia Critic for Public Safety, Agriculture and Food; Deputy Critic for Justice
Ron McKinnon Liberal Coquitlam—Port Coquitlam, British Columbia not appicable
Taleeb Noormohamed Liberal Vancouver Granville, British Columbia not appicable
Doug Shipley Conservative Barrie—Springwater—Oro-Medonte, Ontario not appicable
Tako Van Popta Conservative Langley—Aldergrove, British Columbia not appicable
Sameer Zuberi Liberal Pierrefonds—Dollard, Quebec not appicable

About the Committee

SECU was created on , at the start of the 39th Parliament. The Committee is responsible for one of the largest departmental portfolios, including close to 140 statutes administered by the Department of Public Safety and Emergency Preparedness and its agencies, including the CBSA.

Committee Mandate

SECU reviews the legislation, policies, programs and expenditure plans of government departments and agencies responsible for public safety and national security, policing and law enforcement, corrections and conditional release of federal offenders, emergency management, crime prevention and the protection of Canada's borders.

The Standing Orders of the House of Commons provide that the committee may review and report on:

  • Legislation proposed by the government or Members of Parliament
  • Immediate, medium- and long-term expenditure plans, and the effectiveness of their implementation by the department
  • An analysis of the relative success of the relevant department, as measured by the results obtained as compared with its stated objectives
  • Other matters relating to the mandate, management, organization, or operation of the department in question, as the Committee deems fit

The committee examines the policies, programs and statutes relating to the following departments and agencies:

  • Public Safety Canada (PS)
  • Canada Border Services Agency (CBSA)
  • Canadian Security Intelligence Service (CSIS)
  • Correctional Service Canada (CSC)
  • Royal Canadian Mounted Police (RCMP)
  • Parole Board of Canada (PBC)
  • Civilian Review and Complaints Commission for the Royal Canadian Mounted Police (CRCC)
  • Royal Canadian Mounted Police External Review Committee (ERC)
  • Office of the Correctional Investigator (OCI)

CBSA-related Committee activity during the 44th Parliament

( to present)

CBSA officials appeared twice as part of the committee's study on gun control, illegal arms trafficking and the increase in gun crimes committed by members of street gangs.

  • On , the Minister of Public Safety appeared with Deputy Heads from the CBSA, Public Safety Canada, and the RCMP. The Minister answered questions on whether enforcement agencies are working effectively among themselves and with their local, Indigenous, and American counterparts; the President answered questions on efforts to combat firearm smuggling across the border, notably between ports of entry
  • On the Vice-Presidents, Intelligence and Enforcement Branch (IEB), and Commercial and Trade Branch, appeared with senior officials from the RCMP, as well as the Presidents of the Customs and Immigration Union and the National Police Federation. The VP, IEB, answered questions on funding, collaboration with law enforcement partners, and the CBSA's mandate for enforcement at, but not between, ports of entry
  • On , the Minister of Public Safety and portfolio senior officials appeared. The Minister answered questions about the buy-back program, notably its associated cost and efficiency. The President of the CBSA answered questions about examination in rail mode

CBSA officials appeared as part of the committee's study on the occupation of Ottawa and the federal government's response to convoy blockades at Canada's borders.

On , the Minister of Public Safety appeared for an hour with Deputy Heads from the CBSA, Public Safety Canada, and the RCMP. Afterwards, the Vice-Presidents, Intelligence and Enforcement Branch and Travellers Branch appeared for an hour with officials from Finance, Justice, Public Safety, FINTRAC, and the RCMP.

Current studies

  • The rise of ideologically motivated violent extremism (IMVE) in Canada
  • Assessment of Canada’s Security Posture in Relation to Russia

Other anticipated business and studies

  • Supplementary Estimates (C), 2021 to 2022 for the Public Safety Portfolio
  • Main Estimates, 2022 to 2023 for the Public Safety Portfolio

Committee Members

The Honourable Jim Carr (Chair)

Political affiliation: Liberal Party of Canada
Constituency: Winnipeg South Centre, Manitoba

Profession/Occupation: MPP, businessman

Political experience:

  • First elected in 2015 and re-elected in 2019 and 2021
  • Former Minister of:
    • Natural Resources ( to )
    • International Trade Diversification ( to )
    • Special Representative for the Prairies ( to )

Raquel Dancho (First Vice-Chair)

Political affiliation: Conservative Party of Canada
Constituency: Kildonan—St. Paul, Manitoba
Shadow Minister for Public Safety (since )

Profession/Occupation: Political staffer, Politician

Political experience:

  • First elected in 2019 and re-elected in 2021
  • Former Shadow Minister for:
    • Diversity, Inclusion and Youth ( to )
    • Immigration, Refugees and Citizenship ( to )
    • Future Workforce Development and Disability Inclusion ( to )

Kristina Michaud (Second Vice-Chair)

Political affiliation: Bloc Québécois
Constituency: Avignon—La Mitis—Matane—Matapédia, Quebec
Critic for Public Safety and Emergency Preparedness, Climate Change, Youth (since 2019)

  • Profession/Occupation: Political staffer
  • Riding includes Port of Matane (marine, commercial)

Political experience:

  • First elected in 2019 and re-elected in 2021
  • Long-time member ( to present) and Vice Chair of SECU ( to present)

Paul Chiang

Political affiliation: Liberal Party of Canada
Constituency: Markham—Unionville, Ontario
Parliamentary Secretary to the Minister of Housing and Diversity and Inclusion (Diversity and Inclusion) (since )

Profession/Occupation: Retired police officer (GTA)
Political experience: First elected in 2021

Pam Damoff

Political affiliation: Liberal Party of Canada
Constituency: Oakville North—Burlington, Ontario
Parliamentary Secretary to the Minister of Public Safety (since )

Profession/Occupation: Investment banker, consultant

Political experience:

  • First elected in 2015 and re-elected in 2019 and 2021
  • Former Parliamentary Secretary to the:
    • Minister of Health ( to )
    • Minister of Indigenous Services ( to )
  • Long-time Member of SECU ( to present)

Dane Lloyd

Political affiliation: Conservative Party of Canada
Constituency: Sturgeon River—Parkland, Alberta
Shadow Minister for Emergency Preparedness (since )

  • Profession/Occupation: Politician
  • Riding includes Villeneuve Airport (airport of entry)
    "service suspended until further notice"

Political experience:

  • First elected in 2017 and re-elected in 2019 and 2021
  • Former Shadow Minister for:
    • Digital Government ( to )
    • Rural Economic Development ( to )

Alistair MacGregor

Political affiliation: New Democratic Party of Canada
Constituency: Cowichan—Malahat—Langford, British Columbia
Critic for Public Safety (since ), Agriculture and Food (since 2018); Deputy Critic for Justice (since 2017)

  • Profession/Occupation: Political staffer
  • Riding is on Canada-U.S. marine border
  • Riding includes Duncan Airport (airport of entry) "service suspended until further notice" and several marine, commercial points of service

Political experience:

  • First elected in 2015 and re-elected in 2019 and 2021
  • Former critic for:
    • Seniors ( to )
    • Heritage (Deputy) ( to )

Ron McKinnon

Political affiliation: Liberal Party of Canada
Constituency: Coquitlam—Port Coquitlam, British Columbia

Profession/Occupation: Computer Systems Analyst

Political experience:

  • First elected in 2015 and re-elected in 2019 and 2021
  • Former Chair of the Standing Committee on Heath ( to )

Taleeb Noormohamed

Political affiliation: Liberal Party of Canada
Constituency: Vancouver Granville, British Columbia

Profession/Occupation: Former public servant with PS and PCO, member of the Board of directors for the Canadian Air Transport Security Authority (CATSA), technology executive

Political experience: Defeated in 2011 and 2019, first elected in 2021

Doug Shipley

Political affiliation: Conservative Party of Canada
Constituency: Barrie—Springwater—Oro-Medonte, Ontario

Profession/Occupation: Politician, Small business owner

Political experience:

  • First elected in 2019 and re-elected in 2021
  • Former Member of SECU ( to )

Potential key interests: Barrie opioid crisis

Tako Van Popta

Political affiliation: Conservative Party of Canada
Constituency: Langley—Aldergrove, Alberta

  • Profession/Occupation: Lawyer
  • Riding includes one of the four British Columbia Lower Mainland ports of entry

Political experience:

  • First elected in 2019 and re-elected in 2021
  • Long-time Member of SECU ( to present)

Sameer Zuberi

Political affiliation: Liberal Party of Canada
Constituency: Pierrefonds—Dollard, Quebec

Profession/Occupation: Canadian Forces reservist, student and human rights activist

Political experience: First elected in 2019 and re-elected 2021

Standing Committee on Public Safety and National Security meeting summary of

Report prepared by:
Parliamentary Affairs, Public Safety

Topic of meeting

  • 11:00 am to 12:00 pm: Assessment of Canada’s Security Posture in Relation to Russia
  • 12:00 pm to 1:00 pm: Planning on Future Business (in camera)

Appearing

11:00 am to 12:00 pm

The Honourable Bill Blair, P.C., M.P., Minister of Emergency Preparedness

Department of Public Safety

Rob Stewart, Deputy Minister

Members in attendance

  • Liberal Party: Pam Damoff, Jim Carr (Chair), Paul Chiang, Taleeb Noormohamed, Peter Schiefke, Ron McKinnon; Rachel Bandayan
  • Conservative Party: Tako Van Popta, Raquel Dancho (Vice-Chair), Dane Lloyd, Doug Shipley
  • Bloc Québécois: Kristina Michaud (Vice-Chair)
  • New Democratic Party: Alistair MacGregor

Summary

This was the fifth meeting of the committee on the topic of the Assessment of Canada’s Security Posture in Relation to Russia. Minister Blair provided an opening statement focusing on the impacts to Canada of the illegal invasion of the Ukraine by Russia. Questions focused on cyber security, foreign interference, danger to critical infrastructure and Canada’s supply chain.

Opening remarks

Minister Blair acknowledge and thanked the Committee for taking on this important study and the terrible toll the invasion has had on the Ukraine and the human causalities they have suffered. He explained that Canada has been working to impose severe sanction on Russia and is ensuring that Ukraine has what it needs to continue the fight.

He stressed that Canada is working within a complex global environment including the threat by climate change which is leading to more natural disasters as well as the fact that Canada remains a target for foreign actors.

He explained that threats by Russia include amongst other things, disinformation and cyber attacks. CSIS, CSE and the RCMP continue to play a key role in identifying those threats and dismantling them. He explained that he is responsible for preparing for future emergencies and coordinating responses for Canadians and the Prime Minister.

He went on to speak to the Federal Emergencies Response Plan (FERP) which is intended to cover hazards of all kinds. He explained that the plan was last updated in 2011 and he has been mandated to update it again. He spoke of the role the Government Operations Centre (GOC) plays in monitoring, coordinating and providing information to partners.

Questions

Cyber and threats to infrastructure

Minister Blair indicated that the whole of government is seized with the issue of cyber security and attacks including CSE as the lead department, as well as CSIS and the RCMP. He explained that Canada and its allies have attributed attacks to Russia which led to the creation of the Canadian Centre for Cyber Security.

Minister Blair indicated that CSE has done significant work to ensure that infrastructure and systems are safe. He stressed that despite some ransomware attacks, there is a resiliency and strength within the financial sector.

Minister Blair spoke to the recent funding announcement to improve collective resilience in the face of cyber attacks. He also spoke to the collaboration within the 5 Eyes community and how tools are being shared to ensure that resiliency.

Minister Blair explained that should a pipeline be attacked, the first call would be to CSE. While most pipelines are administered privately, the government has a solid relationship with those companies.

Minister Blair indicated that should a ransomware attack on Canadian energy suppliers happen, government security agencies and police would be called in to assist.

Should violence be perpetrated on infrastructure, the Minister explained that the police of jurisdiction would be responsible to deal with it. If the ability of that force should be exceeded, other jurisdictions would be called in to help. He indicated that this has not happened to date.

Minister Blair explained that the greatest risk to Canadians at this time as a result of the invasion of the Ukraine is cyber related. There is a duty to ensure the safety of all Canadians including the 1.4 million people of Ukrainian descent in Canada. He went on to say that the more information we can provide to the public with regard to potential threats the better. Canadians must be alerted to impacts of disinformation so that they are not inappropriately influenced.

Minister Blair explained that there has been significant work done to assess security in nuclear plants in Toronto. He indicated that there is a risk of attack by hostile state actors and terrorists and that it is necessary to mitigate the risk by having trained and equipped security officers.

Mr. Stewart indicated that under the PERF, there is a layered set of plans for attacks to infrastructure. He explained that it is about managing what happens on the ground and the government has a set of responses ready depending on the circumstances.

Foreign interference

Minister Blair explained that he has not received information that Russia was involved in any foreign interference with regard to the 2021 Canadian Election. He spoke to the vigilance of security agencies in monitoring this.

Mr. Stewart explained that with regard to the 2021 Election, he is part of a panel of five deputy ministers who receive information. It was concluded that while there was some effort through social media to influence voting, there was no foreign interference and no threat to the integrity of the election overall.

Mr. Stewart explained that Public Safety is constantly improving monitoring of mal information. He stressed that the department is spending a lot of time and effort in this area.

Mr. Stewart confirmed that he has received no information to indicate that Russia was involved in the Trucker Convoy.

Minister Blair indicated that many of the recently listed entities have had ties to Russia. He stressed that the government is engaged on a number of fronts to protect Canadians from foreign interference.

Emergency management

Minister Blair explained that the government is working closely with British Columbia and investing in training, equipment and fire detection in preparation for the fire season.

Sanctions

Minister Blair explained that the government has taken a careful look at vulnerabilities to Canada in terms of possible reciprocal actions from Russia. Currently, Russia is a source for nitrogen fertilizer in Canada which is having an impact on agriculture. Energy costs have also risen significantly. He indicated that he believes the sanctions against Russia are impactful.

Minister Blair explained that with regard to incidence response in face of the conflict with Russia, there is a whole of government approach especially around sanctions. He has learned that the government response to emergencies is not siloed and his job is to bring domestic and international partners together.

Canada is developing a national strategy on food supply in face of global supply interruptions. He indicated that he is aware of the efforts by the Canadian agriculture community. He stressed that there will be and are financial impacts.

Climate change

Minister Blair indicated that the invasion of the Ukraine has had an impact on diplomatic discussion over climate change but he believes that, the work being done in this area will continue regardless.

Misinformation

Minister Blair explained that robust discussions are taking place with regard to how we counter misinformation around vaccines, COVID, etc. and how we supply Canadians with accurate science based data on risk. He stressed that it is important that Canadians be able to trust the information they are receiving on how to keep themselves safe.

Follow-up Items (to be checked against the transcript)

NIL

Next meetings

  • Tuesday, :
    • From 11:00 am to 12:00 pm – Rise of Ideologically Motivated Violent Extremism in Canada – Consideration of draft report
    • From 12:00 pm to 1:00 pm – Assessment of Canada’s Security Posture in Relation to Russia
  • Thursday, :
    • From 11:00 am to 12:00 pm – Assessment of Canada’s Security Posture in Relation to Russia – Minister of Public Safety to appear with portfolio officials (CBSA, RCMP, CSIS)
    • From 12:00 pm to 1:00 pm – Committee business (in camera)
Date modified: