Cyber Security: How We Have Failed


The deeper I get into cyber studies the more I wish that my own country could hold its own against nation-states (specifically cyber).

It seems that more and more articles are coming across my feed stating that Canada has a weak defence against cyber-attacks. 

Many people have known for awhile that Canada has been lacking on the defence side of things. [2]  It has been learned that nation-states have switched from flat out stealing government secrets to targeting something much more powerful, our economic sovereignty.

CSIS Director David Vigneault named publicly on February 9, 2021 that China and Russia are behind much of the Intellectual Property theft occurring in Canada.  This was the first time that Mr. Vigneault publicly named any specific actor. [1]

This is significant.

Let's say it one more time, the Director of Canadian Security Intelligence Services has publicly stated that Russia and China represent a "... significant danger to Canada's prosperity and sovereignty."

 Look at what happened to Nortel [3].  They had an IP leak that persisted for a long time, till the point they didn't exist anymore.

Nortel bled out it's IP till it could no longer compete.  What Mr. Vigneault is telling us is that this is happening all over the place and it's out of control.

We have failed [Cyber Security] because we leave the defense of our nations IP up to private businesses.  Businesses who don't even know they are THE frontline of this cyber fight.

North America, and many other nations, are so incredibly vulnerable.  

National cyber security is not a unified body.  It is comprised of a distributed network of millions of entities(private businesses) working independently to protect their own turf.  One weakness in this chain means that any trust relationships between those entities can be exploited.

This week it was released that a Florida water plant was hacked and that the chemical composition of the areas drinking water had been compromised[4].  It was discovered that this critical infrastructure was easily hacked do to the fact that it had no Firewall.

Had..................No..................Firewall.

How does this even happen in these "modern" times?  It's a safe bet that people have been poking around in that treatment plant for a long time.

Going back to CSIS.  It must be bad when Vigneault announces to the entire world that there is a serious threat to our national prosperity and sovereignty.

Was the goal awareness? 

Are our federal leaders aware of how bad it is?  

How much more IP needs to bleed out before someone takes this seriously?

Andrew Campbell

Reference:

[1] https://www.cbc.ca/news/politics/csis-speech-david-vigneault-1.5906665 

[2] https://globalnews.ca/news/3131347/canadas-military-too-vulnerable-to-cyber-attacks-documents/

[3] https://globalnews.ca/news/7275588/inside-the-chinese-military-attack-on-nortel/

[4] https://gizmodo.com/hacked-florida-water-plant-reportedly-had-no-firewall-a-1846246067

Popular Posts