• Blog
  • June 26th, 2017

Cyber defences and global rules should be Canada’s focus

An abstract design of a terminal display, warning about a cyber attack. Multiple rows of hexadecimal code are interrupted by red glowing warnings and single character exclamation marks. The image can represent a variety of threats in the digital world: data theft, data leak, security breach, intrusion, anti-virus failure, etc...

While Canada’s new defence policy contains a number of problematic initiatives, one particularly concerning area is the decision to develop offensive cyber warfare capabilities.

“A purely defensive cyber posture is no longer sufficient. Accordingly, we will develop the capability to conduct active cyber operations focused on external threats to Canada in the context of government-authorized military missions.” (Secure, Strong, Engaged, page 72)

But civilian experts warn that cyber weapons have the potential of being turned back on attackers:

“It is software code and a weapon that can only be used once before it’s copied….It’s not like a grenade. You throw it. It explodes and disappears. When you use malware against someone, they can reverse engineer it.”

The shift from defensive to offensive cyber development is a slippery slope, and one that Canada would do well to avoid. Besides the risk of spreading the very weapons we seek to defend against, the international community seems to be regressing into a new kind of arms race that is undermining international and domestic security.

Former Canadian Disarmament Ambassador Paul Meyer asks:

“What about the effectiveness of not turning cyberspace into a battleground? Has the net benefit to Canada been assessed of promoting responsible state conduct in cyberspace through agreed restraint and confidence-building measures rather than encouraging expanded disruptive and destructive cyber operations?” (Hill Times, 18 May 2016; subscription required)

With no clear rules of the road, the Trudeau government should be pushing for the establishment of a rigorous international legal framework to specifically govern the use of cyber weapons.

“Common sense…argues for strong defenses, and the pursuit of global laws and norms to contain the military use of these technologies before they cause chaos and destruction.” (Steve Coll)

Canada should focus on building a robust defensive infrastructure against cyber disruption. Otherwise, we may well end up like the United States, which spends 90% of its cyber budget on offensive programs, yet remains chronically under-prepared to defend itself against cyber attacks.

Photo credit: NATO

Read More

Leave a Reply

What evidence does the UK actually have that Russia is behind the nerve agent attack?

Is it happening all over again?  Are technical experts being coerced by politicians to sign on to what are, at best, misleading statements? Here is a summary of the official story right off of the BBC website: “The British government is expelling 23 Russian diplomats after Moscow refused to explain how a nerve agent was used against […]

Read More
View the Blog »

RI President on CBC Power and Politics

On Tuesday March 6th Rideau Institute President Peggy Mason was interviewed by Terry Milewski on CBC's Power and Politics about ...

Bill C-47 leaves majority of Canada’s military exports unregulated

In her address to the Geneva Conference on Disarmament on 28 February last, Foreign Minister Chrystia Freeland discussed Bill C-47, ...