Public Safety Canada, CSE set to start cyber-threat sharing pact with private sector
A not-for-profit exchange will work by collecting data on threats anonymously from its subscribers, commercial threat assessment companies, and the Canadian government.
Public Safety Minister Ralph Goodale’s department is poised to enter an agreement with an organization called the CCTX in an effort to get a better handle on cyber-security threats.The Hill Times file photograph
By IAIN SHERRIFF-SCOTT
PUBLISHED : Monday, Sept. 11, 2017 12:00 AM
With threats like cyber-espionage and ransomware targeting businesses and governments across the world, cyber-security has never been a more stark reality for Canadian businesses.
Examples like the ransomware attacks that devastated the United Kingdom’s National Health Service (NHS) earlier this year, or the more recent attack on container shipping giant Maersk, which cost it nearly US$300-million, are a reminders that the scale and aggressiveness of these attacks is increasing.
In an effort to get in front of large-scale cyber-threats, Public Safety Canada’s Cyber Incident Response Centre (CCIRC) and the Canadian Communications Security Establishment (CSE) are set to begin an information-sharing pact with the Canadian Cyber Threat Exchange (CCTX), a not-for-profit organization devoted to providing the Canadian private sector with critical cyber-threat information and assessments.
Public Safety Canada spokeswoman Karine Martel said an official agreement between her department and the CCTX is expected to be finalized “in the near future.”
“Once the agreement is in place, CCIRC will be able to share anonymous and unclassified information on cyber-threats with the CCTX. CCIRC will also share its full suite of products in order to raise awareness of noteworthy incidents and trends,” said Ms. Martel
A spokesperson for the CSE also confirmed that a partnership with the CCTX is “under consideration.” CSE offers internationally recognized expertise on cyber-defence and threat mitigation.
“CSE tracks cyber-threats from around the world and is uniquely positioned to offer insight and advice to the CCTX on the cyber threat landscape facing Canadians,” the CSE spokesperson said.
The CCTX, launched in April of 2016, received initial core funding from nine Canadian corporate giants, including Bell, Telus, Air Canada, CN, RBC, Manulife, TD, TransCanada, and Hydro One.
CCTX executive director Robert Gordon described the organization in terms of raising “cyber-resilience,” not only for large companies, but also for small- and medium-sized companies as well.
“[Canadian companies] face the same level of cyber-threats as companies everywhere do, everything from DDoS (distributed denial of service) attacks, ransomware attacks, malware attacks, phishing attacks. All of the things you read about in the paper apply to Canadian companies,” said Mr. Gordon in an interview with The Hill Times.
The exchange will work by collecting data on threats anonymously from its subscribers, commercial threat assessment companies, and the Canadian government. CCTX analysts will compile new information about threats into reports, which will be sent to subscribers.
“Some of those reports will be very tactical, for something going on right now, or down to a more strategic weekly summary,” said Mr. Gordon.
“Ultimately, we want this information to be actionable intelligence; so precautions that companies should specifically do to be better at protecting their networks.”
One often-misunderstood vulnerability that Mr. Gordon highlighted is the risk of ransomware. The concept of ransomware has existed for nearly 30 years but saw no effective widespread application until 2013, when CryptoLocker emerged. CryptoLocker was one of the first ransomware systems to request bitcoin as payment for the decryption and release of data back to organizations it had been stolen from.
That same year, according to an article in ZDNet, between Oct. 15 and Dec.18, an estimated 41,900 bitcoin were gathered by the operators of CryptoLocker, delivering a US$27-million payout.
Mr. Gordon stressed that many small companies may not think they have much for hackers to steal, but trade secrets and unique chemical formulas are no longer their target.
“Anything from your distribution list, to your contact list, or when your billing goes out. They are not going to steal it from you because it is of no use to them; it’s only of use to you,” Mr. Gordon said, explaining that, “unless you pay the ransom, you don’t get access to the information that keeps your business running.”
Attacks like ransomware are exactly what the CCTX is trying to get in front of. Mr. Gordon expressed that the information-sharing pact with the federal government could provide Canadian businesses with threat assessments that are “high-value and quite actionable for the private sector.”
The pact, however, will not be a one-way street. Ms. Martel told The Hill Times that “cyber-security is a shared responsibility of information sharing,” and said that her department will “encourage” the CCTX to exchange threat information with CCIRC partners.
The Hill Time