OTTAWA — The House of Commons defence committee is urging the Liberal government to levy sanctions against individuals and organizations who target Canadians with disinformation.
In a new report calling for stronger cybersecurity, the committee warns of increasingly sophisticated disinformation and foreign influence campaigns by China, Russia and other aggressors.
Canada has developed national strategies, launched and funded cybersecurity initiatives, adopted legislation and fostered closer international co-operation in cyberspace, the report acknowledges.
Overall, however, the committee says more could be done to strengthen Canada’s cybersecurity and cyberwarfare efforts, and to improve resilience to threats from home and abroad.
During committee hearings, witnesses stressed that Canada should encourage the development of international norms and frameworks for addressing these threats.
The committee recommends using existing sanction regimes against people and entities trying to manipulate Canadians with misleading or false information.
The MPs also say Canada should impose effective sanctions on countries that condone or use cybercriminals to steal money or intellectual property, or conduct information warfare.
Russia's use of offensive cyberweapons in its ongoing war against Ukraine has demonstrated the extent to which cyberwarfare and the weaponization of cyberspace have become realities of modern conflict, says the report, presented to the House just before the summer recess.
"Also of note in recent years are the increasingly sophisticated disinformation and foreign influence campaigns conducted by China, Russia and other aggressive authoritarian states against democratic countries, including Canada. These types of activities underscore the critical importance of ensuring the existence of cybersecurity and of combating cyberwarfare."
State and non-state actors have used offensive cyberprograms to target Canada, including its financial sector, critical infrastructure and democratic institutions, the report says.
Sami Khoury, head of the federal Canadian Centre for Cyber Security, told the MPs that cybercrime remains the largest digital threat to Canadians, although state-sponsored programs pose the greatest strategic cyberthreat to Canada.
Witnesses also cited the rising frequency of ransomware and other types of malware attacks, the MPs note in their report.
It calls on the government to:
— establish an ongoing forum for collaboration and engagement on cybersecurity issues where industry and officials meet to exchange information and best practices;
— invest in its own network infrastructure cybersecurity and undertake a comprehensive assessment of what's necessary to harden government systems and third-party network infrastructure on which its data is stored;
— expedite the renewal of Canada's national cybersecurity strategy and establish an ongoing review that can better keep pace with the changing nature of cyberthreats;
— appoint a cybersecurity ambassador; and
— examine the Canadian Security Intelligence Service Act to ensure that CSIS has the legislative tools it needs to keep pace with technological advancements, modern digital realities and the ever-evolving cybersecurity threats.
Nowhere in the report is there discussion of why the CSIS recommendation is needed or that this is even a concern, said Tim McSorley, national co-ordinator of the International Civil Liberties Monitoring Group.
"Once again, we're seeing national security creep: recommendations that national security agencies be granted new powers despite the lack of public evidence that they are necessary," he said.
There is a "severe transparency deficit" in relation to how Canada is approaching cybersecurity, he added. "This kind of recommendation won't do anything to resolve that."
McSorley, who testified at the committee, said it's worrisome that human rights issues did not figure more prominently in the resulting report.
"Even more stark is that there is not a single recommendation around ensuring that rights protections are explicitly taken into account in the government's response to cyberthreats, whether in regards to Charter rights or to Canada's international human rights and civil liberty obligations."
This report by The Canadian Press was first published June 26, 2023.
Jim Bronskill, The Canadian Press
