Академический Документы
Профессиональный Документы
Культура Документы
Friday,March6,2015
CSEresponse:
HereisCSEsofficialresponsetothissetofquestions.
CSEhastheauthorityundertheNationalDefenceActtoacquireanduseinformationfrom
theglobalinformationinfrastructuretocollectforeignsignalsintelligence.Thisprotects
Canadians,Canadaandourallies.
Underthisforeignintelligencemandate,CSEdoesnotdirectitsforeignsignalsintelligence
activitiesatCanadiansoranywhereinCanada.
Underitscybersecuritymandate,CSEmonitorsgovernmentnetworkswiththesolepurpose
ofprotectingthemfrommaliciouscyberactivity.
CSEsforeignsignalsintelligencehasplayedavitalroleinuncoveringforeignbased
extremistseffortstoattract,radicalize,andtrainindividualstocarryoutattacksinCanada
andabroad.
AnysuggestionthatCSEmonitorsCanadianinternetspaceoutsideoftheGovernmentof
CanadanetworkforanypurposesotherthanthosedefinedintheNationalDefenceActis
false.
CSEregretsthedisclosures,andthespeculativeandoftenincorrectanalysisofthem,
particularlygiventhattheprofessionalanddedicatedmenandwomenofCSEworkdiligently
everydaytoprotectCanadians.
TheindependentCSECommissionerscrutinizesCSEsactivities.TheCSECommissioner
hasneverfoundCSEtohaveactedunlawfully,andhasnotedCSEsrespectfortheprivacy
ofCanadians.
Monday,March2,2015
CSEresponse:
Manyofthequestionspresentedrelatetospecificoperations,methodsorcapabilitiesthat
helpprotectCanadaandCanadiansagainstthreats.Asyouknow,CSEmustrespectthe
SecurityofInformationAct
andcannotcommentonclassifiedoperations,methodsand
capabilities.Insomeinstances,thequestionspresentedindicateamisunderstandingof
CSEsactualcapabilitiesorintentions.Furthermore,CSEregretsthatthepublicationofthese
documentsrendersourmethodslesseffectivewhenaddressingthreatstoCanadaand
Canadians.
Theleakedmaterialsaredateddocuments,andsomeexploredpossibleideastobetter
protecttheGovernmentofCanadasinformationsystemswhilealsoseekingcostefficiencies.
Asaresult,informationinthesedocumentsdoesnotnecessarilyreflectcurrentCSEpractices
orprograms,orthedegreetowhichCSEhasvisibilityintoglobalorCanadianinfrastructures.
Inmovingfromideasorconceptstoplanningandimplementation,weexamineproposals
closelytoensurethattheycomplywiththelawandinternalpolicies,andthattheyultimately
leadtoeffectiveandefficientwaystoprotectCanadaandCanadiansagainstthreats.
Technologiesortoolsthataredeployedorusedbybothoperationalareasaredoneso
separatelyunderCSEsforeignintelligenceorcyberdefencemandates,andinformationis
managedseparatelyincompliancewithasuiteofinternalpoliciesspecifictoeachmandate.
UnderitsITsecuritymandate,CSEhasinplaceautomatedscanningongovernment
networkstoidentifymaliciouscyberactivity.CSEonlycollectsinformationthatisnecessary
andrelevanttounderstandthenatureandmethodsofmaliciouscyberthreatsandtoprevent
maliciouscyberactivityagainstGovernmentofCanadasystemsandnetworks.
Wheninformationissharedbetweenthetwooperationalareas,itistohelpbetterunderstand
maliciouscyberthreatssothatCSEcanmoreeffectivelydefendgovernmentsystems.For
example,whereappropriate,informationaboutforeigncyberactivitiesdiscoveredbyourIT
securityanalystscanbesharedwithdesignatedforeignsignalsintelligenceanalystsfor
followupunderCSEsforeignintelligencemandate.Foreignintelligenceonthesethreat
activities,andthemethodsandtechniquesbehindthem,iscriticaltounderstanding,
mitigatinganddefendingagainstmaliciouscyberactivitiesthatthreatenCanadian
infrastructuresandinformation.
InformationcollectedbyCSEismanagedaccordingtoestablisheddataretentionschedules
thataredocumentedininternalpoliciesandprocedures.Toprovidemoredetailcouldassist
adversarieswhowanttoconductmaliciouscyberactivityagainstgovernmentnetworks,or
evadeourforeignsignalsintelligenceefforts.
Underitsassistancemandate,CSEprovidestechnicalassistancetofederallawenforcement
andsecurityagenciesonlyattheirspecificrequest,andonlyundertherequestingagencys
legalauthority,suchasawarrant.
PrivacyprotectionsareestablishedbylawandreflectedinpoliciesgoverningCSEsactivities.
MeasuresarebuiltintoCSEsoperationsandtechnologiesforthehandling,retention,use
anddestructionofinformationaboutCanadians.
TheindependentCSECommissionerandhisstaffscrutinizeCSEactivities.TheCSE
CommissionerhasneverfoundCSEtohaveactedunlawfully,andhasnotedCSEsrespect
fortheprivacyofCanadians.
Tuesday,March3,2015
CBCquestions:
1.
WeunderstandCSEemployeesareboundbysecrecyunderSIAduetonational
securityconcerns.ButwhycanttheagencydisclosewhetheritmonitorsallofCanadian
internettraffic?
(Sucharevelationdoesntputnationalsecurityindangerandisinthepublicsinterest.)
2.In
whichinstancesdoourquestions(sentFebruary24,2015)indicateamisunderstanding
ofCSEsactualcybercapabilitiesorintentions?
Pleaseknow,basedonCSEsowndocuments,andinconsultationwithnumerousauthorities
acrossaspectrumofviewpointsandexpertise,CBCispreparingtoreportthefollowing:
CSEhasdevelopedsophisticatedcapabilitiestoexploitcybernetworks,aswellastoattack
anddisruptpotentialopponents/threats.
TheseCNE/CNAcapabilities,andCanadasglobalaccesspointsandsensorsarethevery
toolsCSEcouldusetoassistotheragencies(CSIS,RCMP)todisruptterrorthreatsshould
BillC51becomelaw.
Pleaseanswereachofthefollowing:
3.Whatoftheabovestatement(
initalics
)isincorrect?
4.YouindicatedtoCBCinyourresponsesofMarch2thatCSEsleakeddocumentsareboth
dated,andspokeofplansandthatasaresult,informationinthesedocumentsdoesnot
necessarilyreflectcurrentCSEpracticesorprograms,orthedegreetowhichCSEhas
visibilityintoglobalorCanadianinfrastructures."
However,the2011CASCADEdocumentdiscussesplansfor2015andstatesthatCSE
currentlyhas"fullvisibilityofournationalinfrastructure."
AreyousayingCSEnolongerhasfullvisibilityofCanadiancyberinfrastructure?
5
.UnderwhatauthorityisCSEcurrentlymonitoringCanadasentirenationalcyber
infrastructure?
6.Onwhichdateshasaministersofdefenceauthorizedmonitoringoftheentirenational
cyberinfrastructureunderMandateA?
7.(above)UnderMandateB?
Tuesday,Feb.24,2015
CBCquestions:
1.IsCSEmonitoringallofCanada'sinternetspace?
2.Ifso,underwhatmandates(A/BorC)?
3.IsCSEcollectingdataormetadatafromCanada'sentireinternetspace?
4.Howmuchofthiscollectionisusedandretained?
5.Forhowlong?
6.HasCSEsucceededinmergingitsCyberSensorArchitecture(bothdefenceofCanadian
governmentnetworksusingPhotonicPrismprogram,andforeign/warrantsintelligence
gatheringthroughtheEONBLUIEprogram)asimaginedasagoalfor2015intheCSE
slidedeck"CASCADE?"
7.WhatdoesitmeanforPhotonicPrismandEONBLUEsensorstobemerged?
8.Whatisthenameofthenewlyunifiedsensorarchitectureprogramthathas
replaced/mergedthesetwoprevioussystems?
9.WhatdoesitmeanthatCSEhas"fullvisibilityofournationalinfrastructure?"(CASCADE
slidedeck,p.30)
10.Whatarethe"SpecialSources"(whichtelecommunicationscompanies,internetcables,
coreinternetproviders?)thatprovideCSEwithaviewofallofCanadianInternetSpace?
(CASCADEslidedeck,
illustrationp19)?
11.UnderwhatauthorityisCSEacquiringaccesstoall'internationalgatewaysaccessible
fromCanada"fromthesesocalled"SpecialSources?"(CASCADEslidedeckp.22)
12.How,underthenewly'synchronized'systememploying'commondatarepositories,'does
CSEdistinguishandkeepseparate(bothinCSEuseandinsharingwithallies)thedata
collecteditstwoseparatemandates?(Canadiansemailsanddatacollectedexpresslyunder
the"cybersecuritymandate"toprotectgovernmentnetworks,versusdata/metadatacollected
underthe'foreignintelligence"and/or'assistance'toCSIS/RCMP/ect'SIGINT"mandate?)
(CASCADEslidedeckp.23).
13.Howissurveillingtheentireinternet'nationalinfrastructure'effectiveindefendingagainst
cyberattacks?
14.Inthe2010slidedeck"CSECCyberThreatCapabilities:SIGINTandITS:anendtoend
approach"thereisadiagramonpage15,layingoutthevarioustypesofinternet
traffic/communicationsbeingcollectedandobservedbyCSEunderitsdifferentmandates
(MandateBdefenceofgovernmentnetworks,versusMandatesA+Cforeignintelligence
gathering,andassistancetoCSIS/RCMP/etc).
Howdoyouaccountforthe"domestictodomestic"communicationthatCSEissurveilling
underitsMandateA+C...distinctfromthe'warranteddomestic'collectionidentifiedinthe
diagram?(CSEisn'tsupposedtobetargeting/directingactivitiesatCanadians,beyond
warrantedauthorization).Canyouexplainthis?
15.Onpage22ofthe2010slidedeck"CSECCyberThreatCapabilities:SIGINTandITS:an
endtoendapproach"thereisacharton"CyberActivitySpectrum"whichdetailsCSE's
capacityforCyberNetworkExploitationandAttacks(implants,takingcontrol,disruption,
destroyingofadversarynetworks).Canyouprovideexampleswhenthesecapabilitieshave
beenused?
16.UnderwhatauthoritydoesCSEbreakinto,disruptordestroyadversaryinfrastructure?
17.Howmanytimessince2010hasCSEbeencalledonunderitsMandateC(Assistance)to
employtheseCNE/CNAcapabilities?
18.HowwouldBillC51,shoulditbecomelaw,affectCSE'sactivitiesintheCNE/CNArealm?