Parliamentary Committee Notes: Cyber Security During COVID-19 Pandemic

PROC – Foreign Interference
Date: February 3, 2023
Classification: Unclassified
Fully releasable (ATIP)? Yes (except name)
Branch / Agency: NCSB/NCSD

Proposed Response:

• Almost three years since the start of the COVID-19 pandemic, Canadians have a different relationship with the Internet. More people now use the Internet to shop, buy groceries, regularly connect with friends and family, attend medical appointments and work. Today, Canadians are working through a combination of in-person, virtual and hybrid means.
• While the amount of malicious cyber activity remained relatively stable since the COVID-19 outbreak, Canada saw threat actors capitalize on the new environment, exploiting workplace arrangements and an expanded threat surface, including via phishing campaigns that leveraged COVID-19 themes and Canadians increased online presence.
• Through a whole of government approach, involving among others, the Canadian Centre for Cyber Security, the Royal Canadian Mounted Police, and the Canadian Radio-television and Telecommunications Commission, the Government of Canada has taken actions to protect Canadians online, including through the development of cyber awareness campaigns and guidance materials on how to protect systems, as well as removing COVID-19 related phishing sites mimicking Government of Canada sites.
• Internationally, the Government worked closely with its partners and allies to condemn malicious cyber activity, including activity targeting healthcare facilities. Canada will continue its international engagement to promote and protect a free, open and secure cyberspace that is-line with international law and consistent with Canadian values.

Background:

The COVID-19 pandemic has required an increasing shift to online platforms across both the public and private sectors. Indeed, the pandemic has underscored the importance of accessible and reliable Internet connections. It made it necessary to move previously physical interactions online and required the quick adoption of technologies related to telework and education, contact tracing, and online retail and banking. The widespread adoption of contactless technologies for Canadians' day-to-day activities has increased their exposure to cyber threat activity, such as data theft, fraud and extortion. The increasing online presence of Canadians during this pandemic has provided new vectors for malicious actors to exploit, especially as there has been a rush to deploy online solutions. 

While the aggregate amount of cyber malicious activity remained relatively stable since the outbreak of COVID-19, states and cyber criminals have been using the pandemic as a means of furthering malicious activity, such as ransomware, theft and espionage. For example, malicious cyber actors launched a variety of scams that exploited the topic of the pandemic from just about every angle, from advertisements to masks, when they were in short supply, to special refunds from the government. Scammers often imitated leading authority figures on the pandemic, like the CDC and the World Health Organization, to give their emails additional authority — and increase the chances that users would click a malicious link.

Additionally, as more Canadians have come to rely on the internet as their source of information, misinformation, disinformation and malinformation (MDM) pollute the online information space by spreading false and potentially harmful information. This has made it difficult for Canadians to separate truth from falsehoods. Of the Canadians who sought information about COVID-19 online, 96% reported being exposed to content they suspected was misleading, false or inaccurate.

The Government of Canada responded quickly to these threats during the pandemic. As early as March 20, 2020, the Canadian Centre for Cyber Security (CCCS) issued a proactive alert assessing that there is an elevated risk to the cyber security of Canadian health organizations, especially those engaged in responding to the COVID-19 pandemic. CCCS continued to meet regularly and share threat information derived from its foreign intelligence and cyber defence mandate with Canadian health care and research sectors as necessary throughout the pandemic.  To combat the increase in scams/phishing referencing COVID-19 benefits, CCCS has worked with other federal departments, including the RCMP and CRTC, to detect, deter, and disrupt, cyber incidents. The Canadian Anti-Fraud Centre also tracked incidences of cybercrimes linked to fraudulent COVID‐19 themed activities. The RCMP is investigating those responsible and enforcement/disruption action has been taken.

Moreover, in response to this elevated risk, Canada has heightened cyber security surveillance and sharing of cyber incident information. Canada actively participated in developing cyber security responses to the COVID-19 themed cyber threats with its international partners, and in particular with Five Eyes allies. Canada has also worked at securing scientific research, in particular in academia. With many Canadian universities (a) moving to online classes, (b) dependent on foreign students (who, in some cases, will be accessing classes online from their home countries), and (c) working with foreign researchers engaged in joint research from their home countries with Canadian scientists and institutions, cyber security has become an increasingly complex and critically important aspect of academic integrity.

Internationally, Canada has issued a statements in solidarity with our allies on malicious cyber activity, including to the health sector. These statements promote the framework for responsible State behaviour in cyberspace and upholding of the Rules-Based International Order. 

Contacts:

Responsible manager: [REDACTED], NCSB/NCSD, [REDACTED] (not releasable)
Approved by: Sébastien Aubertin-Giguère, Acting Senior Assistant Deputy Minister, 613-614-4715

Date modified:

2023-09-26