Preserving capacity, General Tom Lawson, Chief of the Defence Staff, Keys to Canadian SAR
Issue link: http://vanguardcanada.uberflip.com/i/1283033
40 AUGUST/SEPTEMBER 2020 www.vanguardcanada.com CyBer hunter and developer society, Leftronic, provided statistics in October 2019, which showed that more than 90 per cent of private industries have cloud-based sys- tems, while 60 per cent of organizations use remote storage for confidential data. Yet our governments are being very care- ful for a lot of reasons. Nonetheless, with COVID-19 for instance, we know Canada will need to step one gear up and engage more of these cloud-based and computer farm technology to maintain departments and their remote workers. With a grain of salt, they can raise the accessibility of an unclassified network environment but it is a different ball game when it comes to se- cured networks. Within each department of govern- ment, I do see great efforts to maintain a secured communication process, providing a "tool kit" to managers and supervisors, but in an era where there are thousands of BYOD software and digital utility, it can be difficult to select the right one. Recently, DND published the "COVID-19 Business Resumption – Supervisors' Communications Toolkit" one Annex has a great résumé for a standard of procedure (Annex C: Best Prac- tices for Online Engagements), no matter what application or software client you use what comes out of it is that you have to get acquainted with these tools and make sure you first employ their functionality and al- ways prioritize the security. Are you familiar with the process? Is your remote working environment physically and virtually safe? As CTV News reported in May, fraud- ulent websites, online services offering financial solutions (scams) have led to thousands of takedowns on the World Wide Web. Opening our doors to remote access tools has great power, but we must be ready to accept the great responsibility. And what about this scenario - COVID-19 pushing foreign country professional cy- ber hackers to steal digital knowledge and gain access to research conducted in North America about a cure to provide a vaccine to humanity, does that sound like a fictional book? It does right, but this is real life, a true story that happened this year, not in a Richard A. Clarke's book or in a futuristic Spielberg movie of the year 2225. Worldwide news channels and editors such as CNBC and Forbes detailed the situation as "… the U.S. and U.K. ac- cused Russian hacking group linked to the government, dubbed "APT29" or "Cozy Bear," of targeting "various organizations involved in COVID-19 vaccine develop- ment in Canada, the United States and the United Kingdom, highly likely with the intention of stealing information and in- tellectual property relating to the develop- ment and testing of COVID-19 vaccines." Of course, Russia denied the allega- tions. Cybersecurity must be reinforced, no matter how important remote access is required because you never know who is watching and listening. That was chapter one, chapter two was in a matter of a week or so after the Russian situation. The Los Angeles Times received the unsealed event of the U.S. Justice Department leading ac- cusations against China, stating they were targeting trade secrets from private com- panies around the world, worth millions of dollars mainly aiming at firms working on vaccines for coronavirus. In our fast- evolving technological world, the future is today and the new threats are already aiming at potential breaches, what's next? With social distancing and health mea- sures technologies such as a finger, facial and voice recognition take on more mas- sive integration into the professional in- dustry. We may not be far from the day when we will hear: "Ok Google, drop the bomb" since these innovations are heav- ily targeted by hackers. Cryptographic Man in the Middle and Security assertion markup language attacks are now scripted to acquire fingerprints, voice, and facial analysis data, and we all know these are very popular with cloud-based login pro- tocols and whoever implants these MiM & SAML interceptors can acquire a lot of information about who you are and inevi- tably they can virtually pretend to be you doing online banking next door. These attacks are popular among mass login vir- tual portfolios such as stock market and national events such as elections. The U.S. Defense Department stated cybersecurity as being a top priority mission for their upcoming 2020 elections. We can imag- ine how much data such an event gen- erates? Army General Paul Nakasone of the U.S. Cyber Command said that the lessons learned from the 2016 election of cyberattacks led by Russia, China, and other countries, which was combatted by a united effort between DoD and multiple agencies such as the FBI and Homeland Security, have helped them developed in- sights about theirs adversaries' maneuvers. "We know our adversaries better than they know themselves," he said. About CO- VID-19, he explained the secured remote communication associated with safe per- sonal interaction created a great powerful agility in the face of a pandemic. Where we are heading next is surely comprised of new innovations and risks toward cybersecurity, with COVID-19 still menacing like a wandering ghost in a haunted mansion. It is with great relief we see our government tactically driving many efforts and assets to be ready for the next wave of cyberattacks. Not all of us are comfortable and aware of all the counter strikes Canada maintains against antago- nists but as a day to day user in cyberspace, I do encourage any type of workers, su- pervisors, office, and teleworker to consult the Canadian Center for Cyber Security online resources. CCCS excelled in main- taining its portfolio providing abundant advice and guidance about how cyberse- curity should be taken seriously, but above all to help us with physical and virtual in- teraction and maintain our daily operation safely and successfully. To learn more, go to: (https://www.cyber. gc.ca/en/guidance/focused-cyber-security- advice-and-guidance-during-covid-19). Eric started his professional career over 20 years ago in broadcasting, a few years later he made the jump to the AV world bringing his expertise to GOC departments' Video- conferencing and audio-visual presenta- tion services. In 2015, he went on his own as a consultant and worked with the De- partment of National Defence and Shared Services Canada as a technical expert for Multi-classification level presentation sys- tems. He joined DND as a civilian in 2018, becoming a senior project manager work- ing under the DG CYBER division. He has achieved various mission-critical and large scale deployment throughout the country, his team has recently joined the reformed Director General Information Management Technology & Strategic Planning DGIMTSP.