This post is also available in: heעברית (Hebrew)


The secret hacking tactics of Canada’s intelligence agency

Canada’s electronic surveillance agency has secretly developed an arsenal of cyber weapons capable of stealing data and destroying adversaries’ infrastructure. This, according to newly revealed classified documents.

According to these documents, which were published by The Intercept, Canada’s Communications Security Establishment (CSE) covertly hacked into computers across the world to gather intelligence and break into networks in Europe, Mexico, the Middle East and North Africa.

The revelations, reported by CBC News in collaboration with The Intercept, demonstrate the aggressive tactics Canada has adopted, of sabotage and infiltration of targeted computer systems. The latest disclosures come as the Canadian government debates whether to hand over more powers to its intelligence agencies in a bid to counteract threat, as part of the controversial anti-terrorism law, Bill C-51.

Christopher Parsons, a surveillance expert at the University of Toronto’s Citizen Lab, told CBC News that the new revelations showed that Canada’s computer networks had already been “turned into a battlefield without any Canadian being asked: Should it be done? How should it be done?”

According to documents obtained by The Intercept from National Security Agency whistleblower Edward Snowden, CSE has a wide range of powerful tools to perform “computer network exploitation” and “computer network attack” operations. These involve hacking into networks to either gather intelligence or to damage adversaries’ infrastructure, potentially including electricity, transportation or banking systems.

One document from CSE, dated 2011, outlines the range of methods the Canadian agency has at its disposal as part of a “cyber activity spectrum” to both defend against hacking attacks and to perpetrate them.

Register to iHLS Israel Homeland Security

CSE says in the document that it can “disable adversary infrastructure,” “control adversary infrastructure,” or “destroy adversary infrastructure” using attack techniques. It can also insert malware “implants” on computers, in order to steal data.

The document suggests CSE has access to a series of sophisticated malware tools developed by the NSA (the American National Security Agency) as part of a program known as QUANTUM. The Intercept also reported that the QUANTUM malware can be used for a range of purposes. It can be used to infect a computer and copy data stored on its hard drive, to block targets from accessing certain websites or disrupt their file downloads.

The apparent involvement of CSE in using deception tactics, suggests it has similar methods of operation as the secretive British unit JTRIG, a division of the Government Communications Headquarters (GCHQ). The Intercept has previously published Snowden documents demonstrating that the JTRIG unit uses a range of methods to manipulate information online. It, for example, rigs the outcome of online polls, sends out, across entire countries, fake messages on Facebook, and posts negative information about targets to damage their reputations.

CSE declined to comment on the specifics of the latest revelations. In a general statement issued to The Intercept and CBC News, a spokesman for the agency said: “In moving from ideas or concepts to planning and implementation, we examine proposals closely, to ensure they comply with the law and with internal policies, and that they ultimately lead to effective and efficient ways to protect Canada and Canadians against threats.”