Top-secret documents obtained by the CBC show Canada's electronic spy agency has developed a vast arsenal of cyberwarfare tools alongside its U.S. and British counterparts to hack into computers and phones in many parts of the world, including in friendly trade countries like Mexico and hotspots like the Middle East.
The little known Communications Security Establishment wanted to become more aggressive by 2015, the documents also said.
Revelations about the agency's prowess should serve as a "major wakeup call for all Canadians," particularly in the context of the current parliamentary debate over whether to give intelligence officials the power to disrupt national security threats, says Ronald Deibert, director of the Citizen Lab, the respected internet research group at University of Toronto's Munk School of Global Affairs.
"These are awesome powers that should only be granted to the government with enormous trepidation and only with a correspondingly massive investment in equally powerful systems of oversight, review and public accountability," says Deibert.
Details of the CSE’s capabilities are revealed in several top-secret documents analyzed by CBC News in collaboration with The Intercept, a U.S. news website co-founded by Glenn Greenwald, the journalist who obtained the documents from U.S. whistleblower Edward Snowden.
Documents obtained from Edward Snowden reveal the extent of the cyberwarfare techniques used by Canada’s Communications Security Establishment Canada (CSEC) – including the capacity and will to perform ‘false flag’ operations, where responsibility for cyberattacks, counterattacks or other intelligence-related activity is misattributed to individuals, groups or nation states.
The Intercept, in collaboration with the Canadian Broadcasting Corporation (CBC), has published limited details of CSEC’s cyberwarfare capabilities and disposition just as Canada’s C-51 bill – draft anti-terrorism legislation currently under criticism for its potential to silence legitimate protest – is under fierce debate in Canada’s House of Commons.
The ‘deception tactics’ outlined by the documents include ‘false flag’ techniques, carried out in order to ‘create unrest’. In a spectacular display of bureaucratic legerdemain, this process is apparently defined as ‘[altering] adversary perception’.
The new leak also reveals that CSEC uses ‘honeypot’ or ‘watering hole’ techniques in service of generating deceptive cyberactivity; though no greater detail is given on that point, the principle is one of presenting a tempting online target and attempting to gain advantage from the actors attracted to it.
Additionally the leaked information discloses CSEC’s cooperation with the NSA in service of an ‘active computer network access and exploitation on a variety of foreign intelligence targets, including CT [counter terrorism], Middle East, North Africa, Europe, and Mexico’.