The above picture captures Canada’s Public Safety Minister Vic Toews during a sleepy Sunday afternoon cybersecurity public relations event held back on October 3, 2010. That Sunday afternoon event marked the official announcement of Canada’s cybersecurity strategy. It has turned out to be a rather unfortunate photo-op at the present moment. Canada was hit with major news this past week (that has actually been bubbling for a few weeks now) about a cyberattack against our government systems of Chinese origin. See, for example: “Foreign hackers attack Canadian government,”Chinese hackers targeted House of Commons.”
The talking points were deployed to downplay the attack, as if little of consequence had happened. Prime Minister Harper and Toews spoke on Thursday about the matter, Harper in what seem to be newly perfected dulcet tones that characterize his manner in recent months:
But he said at a press conference in Toronto that he recognized cybersecurity was “a growing issue of importance, not just in this country, but across the world.”
He added that in anticipating potential cyberattacks, “we have a strategy in place to try and evolve our systems as those who would attack them become more sophisticated.”
Public Safety Minister Vic Toews said he could not speak about details pertaining to security-related incidents, but he said the government takes such threats seriously and has “measures in place” to address them.
Lulling Canadians to sleep, as they so expertly do. It’s as if nothing, really, bothers these guys. Cyberattacks are everywhere, not just in Canada. What’s more, they explained, a government strategy is in place, the October launched strategy. The Harper government strategy is so successful, in fact, that the computers of Treasury Board, Finance and National Defence have been attacked over the past few weeks and the hackers “also cracked into the computer system of the House of Commons.” The severity of the breach is canvassed in the video report from CBC below, which reports the hackers “trolled government networks for weeks without a trace” for example. See also this expert: “…even in just a few seconds, if it was properly targeted — and it sounds like it was targeted — information of immense value could have been exchanged.” It’s a heck of a strategy that’s in place.
Canadians have been told there will be no effect on the upcoming budget, presently thought to be forthcoming on March 22 or March 29, a budget which will be a confidence vote and could see the defeat of the government, provoking a spring election. How the government is able to assure us, however, that no information pertinent to the budget has been lost is unclear. A security expert cited in the New York Times reporting on the breach was not convinced. We can imagine the fallout if the day after the budget were to be released any suspicious market moves were to occur. That’s a matter of speculation at the moment, given the uncertainty surrounding the hacking and the inability to get definitive information, but it’s something for rational observers to consider. How the government acts now in respect of the budget is something to watch. Indeed, on Friday, the Prime Minister engaged in sudden budget consultations with the leader of the fourth largest party in Parliament, the New Democratic Party. Whether this attack has factored into that consultation to any extent is anyone’s guess, given that there are other major controversies facing the Conservative government at the moment that may just as likely motivate them to stave off an election (they need only the support of one of the three opposition parties in order to survive a confidence vote).
Other points of interest surrounding Canada’s efforts on cybersecurity and this recent attack…
A paltry $90 million has been allocated by the Harper government over a period of five years to the task of cybersecurity. Those funds were allotted in the 2010 budget after their having been in office for four years and represent less than one year’s worth of promotional advertising for the Harper government.
It’s worth wondering what’s been done prior to and since Toews’ hastily arranged Sunday October news conference. Inquiring minds would like to know. Much of anything? It certainly served a useful purpose this week for the government and media to point to the event as an indication of the existence of a government cyberstrategy.
Canada’s Conservative government likes to characterize itself as tough on crime. They budget lots of money to build brick and mortar jails, billions in fact. But the above referenced cyberattack that has come to light fully in the past week, as they say in the online community, looks to be a big fail.
CBC video:
Comments 2
Kenneth M. Kambara — February 21, 2011
Great post!
Interesting as the UK is investing £650M over the next 4 years {over $1B CAN}. So, even if you adjusted for the smaller size of Canadian economy, the UK-level of cybersecurity spending would be about $600M for 4 years—a far cry from $90M over 5 years.
On the other hand, I think the Harper government really believes that their "power of communication" will keep them in power. It seems to have worked, to date, but I get a sense they're treading on thin ice.
A no-confidence budget vote sets up an interesting scenario. While I'm wary of the implications voting intent polls in this political climate, I can see why Harper is talking to Layton, given that the NDP could be a potential big loser in an election. I think the Tories are vulnerable, but are schizophrenic about their current lot, making them more vulnerable.