Canadian Security Intelligence Service, Service Canadien du Renseignement de Sécurité, Gouvernement of Canada,
Skip all menus * * * * *
* Français * Contact Us * Help * Search * Canada Site
*
* About CSIS * Priorities * Publications * Newsroom * PSEPC
*
* Home * FAQ * A-Z Index * Site Map * Careers
*
* A world of challenge.
*

Priorities
Terrorism
Proliferation of Weapons
of Mass Destruction
Espionage and
Foreign Interference
Transnational Criminal
Activity
Information Security
Threats
Security Screening
*
Print ViewPrint View

* *

Information Security Threats

Critical infrastructures in Canada and around the world have for some time been the target of cyber-related attacks for criminal, political or other motives. CSIS broadly defines a cyber-related attack as the use of information systems or computer technology either as a weapon or a target. The large number of potentially ill-intended perpetrators could include individuals acting on their own, hostile intelligence agencies and terrorists. These possible aggressors have potential access to a growing range of capabilities and tools, and may want to engage in malicious activity directed against cyber-elements of the critical infrastructure.

Canada’s critical infrastructure consists of physical and information technology facilities, networks and assets (e.g., energy distribution networks, communications grids, health services, essential utilities, transportation and government services), which, if disrupted or destroyed, could have a serious impact on the health, safety, security and economic well-being of Canadians. The effective functioning of industry and of government in Canada would also be significantly affected. (The August 14, 2003 blackout that affected 50 million people across eastern North America illustrates the impact of a major cyber-attack. Although the initial incident was a localized system failure, which only affected the electrical sector, the widespread power breakdown that followed affected other critical infrastructure, such as transportation, telecommunications and banking.)

Malicious cyber-related acts may take the form of a distributed denial-of-service (DDoS) attack. DDoS attacks electronic mail and Web servers, rendering a network computer unusable by flooding it with network traffic. The flood of incoming messages to the target systems essentially forces them to shut down, thereby denying access to legitimate users. Repetitive and successful cyber-related attacks have the potential to garner high-profile media coverage, “reminding” the public of a critical infrastructure sector’s vulnerability and potentially providing the perpetrator with public attention.

Back to top Back to top

Politically motivated cyber-related attacks are usually undertaken by a variety of groups associated with tensions that are domestic (“hacktivism” resulting from radical opposition movements to economic events such as the G8, economic summits or environmental practices) or geopolitical (the Middle East, the campaign against terrorism in Iraq and Afghanistan). Such tensions may incite extremists to conduct cyber-related attacks against sectors of Western critical infrastructures. There is an increasing potential for politically motivated DDoS attacks. Certain anti-globalization groups have threatened to conduct DDoS attacks against the financial sector in order to protest against various economic summits. Politically motivated attacks could also take the form of network exploitation attacks. The latter would likely not be limited to criminal activity for personal gain (such as identity theft or clandestine monetary transactions), but would be intended to create instability in the economy, for example, by wiping out balances, altering records and incapacitating networks on a large scale.

Media reports also suggest that foreign intelligence services use the Internet to conduct espionage operations, as this is a simple, low-cost, and relatively risk-free way to collect classified, proprietary or sensitive information. Due to the seamless connectivity of global cyber-space, a perpetrator could stage an electronic attack from a foreign country and hit a Canadian target site in seconds. Terrorist groups could use such means to cause economic damage and serious disruptions to society without bloodshed and without the risk of being easily detected or captured.

On July 22, 2003, General John Gordon, Presidential Assistant and Advisor to the United States Homeland Security Council, declared that attacks over electronic networks might soon become as great a threat as weapons of mass destruction. Antiterrorist experts in the United States have added hacking and illicit use of the Internet to their list of weapons of mass destruction.

Read More:
*

Date modified: 2005-11-14

Top

Important Notices