Preserving capacity, General Tom Lawson, Chief of the Defence Staff, Keys to Canadian SAR
Issue link: http://vanguardcanada.uberflip.com/i/775308
T ThE laST wOrD Cyber Defence a s the threats of cyberwarfare grow, many organiza- tions and nations around the world are scrambling to come up with a defence that can offer protection from the inevitable attacks of individuals, organizations, and nation-states. Cyber defence has become an integral part of a nation's defence system today, and NATO is leading the charge to showcase how significant this area is. Through its defence mandate, the organi- zation recognized cyberspace as a domain of operations in July of this year, in which it reaffirmed that it must defend itself against cyberwar as it does in the air, land and sea domains. To build from this new direction, NATO recently held its Cyber Coalition 2016 in Tartu, Estonia from November 28 to Decem- ber 2. This was NATO's largest cyber defence exercise to date, which attracted more than 700 participants from the cyber field, legal experts, government and military officials, academics and industry. A highlight of this event was a featured simulation of a cyber- attack. Those that were involved in this attack had to work as a team to detect the threat and then work on mitigating the impact before it could spread across national systems. The participants were graded on how well they shared information of attacks and if it was done in a rapid and efficient manner to stop the dissemina- tion of the cyber incidents. At the same time, they were gauged on their coordination with their cyber defences during an attack. This exercise and others like it are vital to prepare us for an at- tack but when we look at what is happening in the cyber sphere around us at such a blistering pace, it is easy to see how an attack, but when take place without an organization or country even re- alizing it was attacked. At the time of writing, a few cases come to mind. It was just reported that Germany's spy agency has seen an in- creased number of Russian-backed cyber-attacks. These attacks are being perpetrated against Germany and its political parties to spread propaganda and misinformation, with the aim to influ- ence the results in next year's general election. This sort of attack according to Hans-Georg Maassen, head of Germany's BfV spy agency, "could potentially endanger German government offi- cials, members of parliament and employees of democratic par- ties." Then there is the U.S. presidential election. We have heard a lot of speculation about a cyber interference from Russia that could have swayed the outcome of the election to favour President-elect Donald Trump. President Barack Obama has even ordered a re- view after seven top democratic senators urged him to declassify intelligence on Russia's meddling in the elections. U.S. intel- ligence organizations concluded at the beginning of October in a statement that they are "confident that the Russian Government directed the recent compromises of emails from U.S. persons and institutions, including from U.S. political organizations." It went on to add, "only Russia's senior-most officials could have autho- rized these activities." Almost a decade ago, Estonia, the country where NATO held its latest cyber exercise, had its government websites knocked out by what they claimed to be attacks from Russia. Since then, Esto- nia has beefed up its cybersecurity, but is still cautious to the fact that such an attack can occur again. "It's a pretty safe bet that they will try to do it again," Estonian Foreign Minister Sven Mikser said, speaking to Reuters. "They will try to surprise us. That's something that we should be very careful to look at and try to protect ourselves from." All of the cases that I've identified in this article relate to a na- tion-state, Russia. But cyberwarfare is not only limited to nation- states; there are individuals and organizations that are very active in cybercrime. Now to bring this back home: How can Canada protect itself? It appears that we have made a start as outlined by Prime Minister Justin Trudeau. In the mandate letter to the Minister of Defence, Mr. Trudeau made cyber one of the top priorities for Mr. Sajjan, so that he can "support the Minister of Public Safety and Emer- gency Preparedness in a review of existing measures to protect Canadians and our critical infrastructure from cyber threats." But how can we get there? Having exercises like the one NATO held recently is one way of doing so, but the participants in that simulation training bubble were aware that they were going to to be attacked and then focused all their attention on that attack. In the real world, it does not work that way; We have many other tasks that we juggle and can easily be unaware that we have been breached. The key then is not about getting prepared, but about being prepared. There is a difference, and we need to get to that step so that we can effectively defend and mitigate attacks from all parties whose mandate is harm and destroy what we stand for. by Marcello Sukhdeo iT is noT aBouT geTTing PrePared; iT is aBouT Being PrePared. 46 DeCeMBer 2016/JANUArY 2017 www.vanguardcanada.com NATO Photo by NIC Edouard Bocquet