Spy agency flags possible security breaches at Canadian pandemic research facilities | CBC News

Spy agency flags possible security breaches at Canadian pandemic research facilities | CBC News

Canada’s cyber spy agency says authorities are investigating possible security breaches at Canadian organizations doing COVID-19-related research — less than a week after it warned that Canadian intellectual property linked to the pandemic is a “valuable target” for state-sponsored actors.

The CSE has warned that sophisticated threat actors could target Canadian medical research labs working on COVID-19 vaccines and treatments. (Bonnie Allen/CBC)

Canada’s cyber spy agency says authorities are investigating possible security breaches at Canadian organizations doing COVID-19-related research — less than a week after it warned that Canadian intellectual property linked to the pandemic is a “valuable target” for state-sponsored actors.

“We’ve seen some compromises in research organizations that we’ve been helping to mitigate and we’re still continuing to look through what’s the root cause of those,” said Scott Jones, head of the Communications Security Establishment’s Cyber Centre, during an appearance in front of the Commons industry, science and technology committee this evening.

“Yes, we’ve seen activity coming from organizations where they’ve seen malicious activity, or at least suspicious [activity], and we’re working with them to determine whether or not it was malicious, where it came from and who, and was a success or not.”

Watch: The CSE’s Scott Jones on the threat of data breaches at Canadian pandemic research labs

Toronto Liberal MP Nathaniel Erskine-Smith spoke with Scott Jones, the head of the CSE’s Canadian Centre for Cyber Security Centre at the Commons Industry committee on Wednesday. 5:11

It’s not clear where or when the alleged compromises happened, or whether they were state-sponsored. 

Questioned by Liberal MP Nathaniel Erskine-Smith, Jones said the intelligence side of the agency is looking into the sources of that “malicious activity.”

Last week, the CSE and the Canadian Security Intelligence Service issued a rare joint statement warning of foreign espionage targeting agencies involved in pandemic response.

‘An elevated level of risk’

“The Communications Security Establishment has assessed that it is near certain that state-sponsored actors have shifted their focus during the pandemic and that Canadian intellectual property represents a valuable target,” said the Canadian statement.

“With regards to the specific threats, the Cyber Centre has assessed that the COVID-19 pandemic presents an elevated level of risk to the cyber security of Canadian health organizations involved in the national response to the COVID-19 pandemic.”

Last week, the FBI and the Cybersecurity and Infrastructure Security Agency in the U.S. publicly accused China of targeting U.S. organizations running COVID-19-related research.

“The United States condemns attempts by cyber actors and non-traditional collectors affiliated with the People’s Republic of China (PRC) to steal U.S. intellectual property and data related to COVID-19 research,” said Secretary of State Mike Pompeo in a statement today.

“The potential theft of this information jeopardizes the delivery of secure, effective and efficient treatment options.” 

Last week’s Canadian statement said both agencies work closely with the Five Eyes intelligence-sharing alliance, which includes the United States.

“We regularly share information with our partners, including the U.S., which has a significant impact on protecting our respective countries’ safety and security,” it said.

CSE began sounding the alarm about the threat of state-sponsored hacks on Canada’s health sector at the start of the pandemic. 

“These actors may attempt to gain intelligence on COVID-19 response efforts and potential political responses to the crisis, or to steal ongoing key research towards a vaccine or other medical remedies,” warned a March alert.

At the time, the agency warned that those sophisticated threat actors could target Canadian medical research labs working on vaccines or other remedies through manipulation or spear-phishing campaigns — or by going after critical vulnerabilities as more housebound employees connect with their workplaces through VPNs (virtual private networks).

Read More

About No Specific Author

Check Also

Coronavirus: Latest on COVID-19 from around the world

Coronavirus: Latest on COVID-19 from around the world

Almost 18 million people have been reported to be infected by the novel coronavirus globally, and 685,000 have now died. Nearly 300,000 people were reported infected in the past 24 hours and 6400 dead. Here are the latest developments from around the world. Europe Ireland Ireland's chief medical officer on Saturday described a recent spike…

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.