On Wednesday, the Canadian Defence Minister, Anita Anand, announced at Canada's Global Defence and Security Trade Show (CANSEC) that the country would be partnering with the United States on a new cyber security certification program for defence contractors. Under the program, contractors would only need to be certified once by either country.
Defense contractors are often the target of cyberattacks that threaten supply chains and unclassified information, according to Anand. Russia's use of disinformation campaigns during the war in Ukraine has highlighted the need for better protections against malicious cyberattacks.
Anand states: “Cyberthreats are growing here at home, too, where malicious cyber activities have targeted government and defence contractors and subcontractors.”
In her speech she highlights how federal government set aside $25 million in this year’s budget to develop the program over the next three years. It will be designed “in lockstep” with the United States so that certification will be recognized in both countries.
“This means that defence contractors doing business in both countries will only need to be certified under a single entity, and it will ensure that Canadian companies can benefit from future procurement opportunities with our allies,” she said.
Anand also highlighted how at least annually $1.5 million will go toward an indigenous reconciliation program within the department, which will aim to support consultation on infrastructure projects and research.
Noticeable Rise of Cyber Activity in Canada
Canadian’s Cybersecurity agency, the CSE, reported how there has been a noticeable rise of cyber threat activity in the last few weeks from Russian aligned actors including activity directed at critical infrastructure networks. The CSE feel short of saying who specifically had been targeted and there had been no significant damage to the infrastructure.
Known targets in recent times include how Hydro-Québec said it was targeted in April this year by a denial-of-service assault. Quebec’s power utility had its website and mobile app taken offline by a cyberattack, for which a pro-Russian hacker group claimed responsibility. No data was taken in the attack.
Similarly in April three different Canadian ports including the Ports of Halifax, Montreal and Quebec, suffered from denial-of-service attacks, that shut down their websites, although cargo continued to move at all three ports.
