The Department of National Defence has issued a call to prospective suppliers for feedback and information on two proposed projects aimed at shoring up its defences against hackers.
A formal request for proposals will not be issued until the summer of 2020; the contract is expected to be awarded in the summer of 2021.
The department “has invested heavily in technologies that have radically increased the speed and precision of modern military operations,” says the 38-page document, released Dec. 18. “Underpinning most of these incredible leaps in capability has been a reliance on an increasingly complex cyberspace.
“In support of its command and control structure, [Department of National Defence/Canadian Armed Forces] requires the capability to monitor and control its cyberspace so it remains defensible.”
The projects are part of an eight-year, $50-million to $99-million effort to secure military cyberspace against foreign and other threats, first announced in 2016.
The new programs aim to fight different activities than the kind of disinformation campaign Canadian troops currently face in Latvia, for example, where Russian-based groups, acting on instructions from Moscow, have been spreading false information, largely via fake news websites, automated Twitter accounts and such.
The Russians are trying to turn Latvians against the Canadian-led NATO force currently ensconced outside Riga. Similar campaigns are underway throughout the Baltic states where NATO has installed forces to discourage Russian aggression.
Cyberwar consists of hacking computer systems, disrupting operations and stealing information.
A DND statement said the latest round of projects will “move the organization from its current manual-response posture to a proactive posture in which the commander of the cyber defensive mission can anticipate and make rapid decisions, informed by intelligence and the near-real-time analysis of network activity.”
Federal government departments, and DND specifically, have been targeted by hackers—both foreign government and otherwise—on several known occasions. For instance:
• The Forces’ privately run recruiting site was hacked in November 2016, redirecting users to an official Chinese government page. It was not immediately determined who was responsible for the attack.
• The “hacktivist” group Anonymous claimed responsibility for taking down several government websites in June 2015, saying the action was retaliation for Conservative government surveillance legislation. A month later, the Public Service Labour Relations and Employment Board was struck.
• Defence Research and Development Canada—the military’s research arm—was among key government sites targeted in January 2011. Sources told CBC at the time the attack was launched from servers in China. Those affected temporarily shut down their Internet access to protect from further attacks for two months.
In fact, hackers have been targeting Canadian government entities since at least 2009, when a Canadian-based Internet-security group called the Information Warfare Monitor reported that an electronic spy network based mainly in China had hacked into almost 1,300 government computers in 103 countries.
Former auditor-general Sheila Fraser warned of “weaknesses in the system” back in 2002 but it was the monitoring group’s report exposing a massive cyber spying operation called GhostNet that inspired many countries, including Canada, to strengthen their defences against potential cyberattacks.
The Communications Security Establishment, a branch of DND and the country’s primary “cryptologic agency,” led the Canadian effort.
The latest documents outline two separate but related initiatives: A “cyber security awareness” project would better apprise commanders of the military’s online security and an upgraded “defensive cyber operations unit” would comprise a team to constantly monitor defence networks for developing cyberattacks.
“The intent is to create a sustainable, state-of-the-art defensive cyber security operations capability, comprised of DND/CAF personnel and professional services.”
Advertisement
