top of page
Anchor 1

Cyber Interference in the 2019 Canadian Election

Scenario:

International actors attempt to interfere in the 2019 Canadian election through cyber platforms

BACKGROUND

What is Cyber Security?

Cybersecurity involves the securitization and mediation of threats to online infrastructure, communication, or technology that resides within the sovereign territory of a specific state. The Communication Security Establishment (CSE) notes that a number of different actors can pose a threat to cyber security for a variety of reasons: [1]

It is important to note that the “cyberspace” being protected does not constitute its own “electronic world” separate from our own. [2] Connected devices and online infrastructure are very important parts of our everyday lives and are very much real and physical things used by real people and governments. The networks that connect these devices, known as information communication technologies (ICTs), allow Canadians to store, retrieve, manipulate, transmit or receive information electronically in a digital form from around the world. [3] The transnational nature of the internet and online technology connects people across borders, providing both tremendous opportunity for cooperation and tremendous risks for espionage, interference and manipulation.  

How Does Cybersecurity Relate to Elections?

The importance of cybersecurity to the protection of the democratic process has become a credible threat to the global community. The activity of cyber threat entities trying to influence foreign elections and political discourse through propaganda and disinformation has been seen in several different countries. The American National Intelligence Council assessed “with high confidence” that international actors conducted an influence campaign to discredit Hillary Clinton, promote Donald Trump, and undermine faith in the democratic process. [4] This was done through a “multifaceted approach” consisting of:

  • Cyber espionage of US political organizations

  • Leaking of documents acquired through cyber operations

  • Cyber intrusion into state and local electoral boards

  • Propaganda distributed online through trolls and state-owned media (ex. RT) [5]

The Mueller investigation also recently produced thirteen indictments of Russian individuals suspected of organizing and executing disinformation campaigns targeting the American electorate in order to influence the election. [6] Governments within the European Union have also faced intervention from transnational actors, prompting policy responses from several states. [7]

Canadian elections are not immune from such types of interference. The CSE has predicted with high certainty that the Canadian federal election will likely be targeted by various online actors during the election. [8] A recent Congressional Intelligence Committee data dump also revealed that online trolls had mentioned Justin Trudeau and Canadian oil pipelines in their online communications. [9]

What Does International Law Have to Say?

While elections are part of a nation’s domestic affairs, attempts at manipulation by international actors presents a number of important issues within the framework of international law. The primary resource to assess this legal framework is the Tallin Manual 2.0. Under international law, a nation’s elections and its policy decision making processes are protected by international law as a part of its domaine reserve. [10] As such, interference by a foreign actor in this area constitutes an infringement of sovereignty. However, several key concepts inhibit or limit a state’s ability to react to this interference:

Attribution - the offending state must be shown to have committed or procedurally supported the act. International law does not cover the actions of a non-state actor against a state.

Negligence - If it is made clear that a non-state actor has committed a crime against the government of another country and the host country does nothing, tacit consent of the actor can be assumed, but this is not enough to charge said state under international law.

Proportionality -If you are able to prove that another state committed or supported an infringement of sovereignty, the countermeasure must be proportionate to the original act. Despite rhetoric of “cyberwar” or “cyberattack”, physical violence would not be acceptable under international law in the face of cyber espionage. [11]

These limitations present several challenging hurdles to pursuing justice after a state or other actor attempts to sabotage or influence state elections. For this reason, it is vital that the Government of Canada take a proactive strategy in protecting its elections from foreign interference.

resources & inputs

Potential Actors

Which actors would be involved in the espionage and disinformation campaigns?

  • Trolls operating on Canadian websites, social media, forums

  • Activists trying to undermine the government or various institutions

  • State owned media discussing Canadian election (ex. RT)

  • Sites like Wikileaks that share leaked documents [12]
     

Who or what would be the targets of the information/espionage?

  • Current politicians (Trudeau, Freeland)

  • Canadian news sources and publications (CBC, Globe and Mail)

  • Political candidates (Jagmeet Singh)

  • Campaign staff, bureaucrats, government employees [13]
     

Who will the intended audience be?

  • Canadian voters

  • Citizens of other countries in order to cause a ripple effect and discredit Western democracy [14]

Interference Activities

A strategy style that has been used in the past by threat actors involves a process of “vilify and amplify”. [15] This involves a multi-step process of information generation and distribution. First, information that is meant to undermine the target is created or gathered by specific actors within the network. [16] That information is then hosted on traditional media services like RT or spread through “fake experts” who hide their affiliations or pose as someone else in order to maintain legitimacy. [17] A key example of this was the @TEN_GOP twitter account, a popular American far-right twitter account that was actually run by Russian trolls. [18] The use of social media sites like Facebook, Reddit and Twitter is an important aspect of information sharing as well. [19] Another key aspect of cyber espionage involves the hacking or phishing of political candidates email and other private data in order to uncover and reveal potential embarrassing details. This was done to the campaigns of Hillary Clinton and Emmanuel Macron; the information was posted on WikiLeaks and 4chan respectively. [20]

Current Strategies

At present, the Canadian government has a reactive cybersecurity policy that is centred mostly around cybercrime and the protection of infrastructure. The Federal government has developed a new National Cyber Security Strategy that is focused on bolstering the cyber security of energy and financial sectors, enhancing its ability to investigate cyber crimes, and encouraging cooperation with other countries and with provincial governments. [21]  The government also pledged $116 million dollars to create a National Cybercrime Coordination unit and $155.2 million to the CSE to create a Canadian Centre for Cyber Security. [22] These actions are mainly being pursued in order to consolidate current resources to boost efficiency and access for civil society. An extension of these agencies’ mandates does not appear to be a significant aspect of the plan.

The Canadian government is also currently working on Bill C-59, which would extend and elaborate on the mandate of the CSE. Under the bill, the CSE would be allowed to pursue activities such as, “installing, maintaining, copying, distributing, searching, modifying, disrupting, deleting or intercepting anything on or through the global information infrastructure.” [23] This would enable to CSE to pursue a defensive cybersecurity strategy

sufficiency & likely objectives

It is unlikely that the current Canadian cybersecurity strategies would be effective at preventing disinformation campaigns from impacting the 2019 election. There are currently a number of issues with Canada’s cybersecurity regime that would inhibit its ability to deal with these issues:

CSE does not have an offensive mandate since Bill C-59 has yet to be passed by Parliament; its current mandate under the National Defence Act only allows for the collection of foreign intelligence and the sharing of such intel with the Government and law enforcement agencies. [24] It does not allow for the pro-active engagement with foreign entities who may be trying to impact Canadian security or information networks (which would be allowed under C-59) [25]

The current Cyber Security Strategy does not list disinformation campaigns or threats to global democracy under its lists of concerns. The focus of the Strategy is on the protection of infrastructure and the privacy of Canadian businesses. This was also absent from the list of responsibilities that the new National Cybercrime Coordination unit and Canadian Centre for Cyber Security would have. [26]

The reactive mandate makes it harder to address attribution due to the issues inherent in identifying threat actors. Simply collecting info from foreign agents may not be enough to identify them and sanction them through international legal channels.

With that being said, the Government of Canada should pursue the following strategies in order to overcome these shortcomings:

Make Disinformation Campaigns a Distinct and Explicit National Security Concern [27]

The current Canadian Cyber Security Strategy is built around three specific pillars: securing government systems, protecting infrastructure, and protecting Canadians from cybercrime. [28] There is no clear discussion of threats to the democratic process or of foreign agents trying to influence Canadian policy or political processes. The Canadian government should actively list disinformation campaigns as a focus of its cybersecurity strategy and publicly showcase the actors and platforms that propagate disinformation. [29] This includes acknowledging companies whose sites or platforms are common hubs for disinformation and investigating the ways in which these sites promote or allow for the proliferation of disinformation on their sites. [30] The public should always be aware of the ways in which these sites promote or hide certain information from them, and the Canadian government should take an active role in ensuring that people are never taken advantage of by threat actors seeking to fool them. This also means that the investigative and collaborative practices of the Canadian government should be public and transparent.

Pass C-59 with Explicit Consent of Offensive Cyber Capabilities

Bill C-59 will give the CSE an offensive mandate to use necessary counter-measures under international law to contain or subvert potential threats to Canadian democracy. [31] This could include troll farms, specific hackers such as Guccifer 2.0, or other threat actors seeking to influence the democratic process in Canada. This would allow the Canadian government to eliminate a threat to national security or to the democratic process before the disinformation or propaganda would be heavily circulated. This proactive, rather than reactive, strategy would help to cut off potential threats before they have a chance to influence the Canadian election.

Promote a Culture of Information Sharing with NATO & Five Eyes Partners Surrounding Elections Tampering

Due to the transnational nature of cyber threats, cooperation among allies is vital to ensuring the security of Canadians. The Five Eyes Initiative is an intelligence cooperative among New Zealand, Australia, Canada, the United States and the United Kingdom. Traditionally, the alliance serves as an intelligence sharing cooperative to act as a larger threat protection union. Intelligence sharing among member states has been effective in the past, one of the most recent examples being the FBI tip off that led to the arrest of a suspected terrorist in Strathroy Ontario. [32] Information sharing should not stop at the disclosure of terrorist threats, and the members of both Five Eyes and NATO should be working towards expanding their efforts in sharing cybersecurity best practices and information.

POST SCENARIO

The potential for online interference in the domaine reserve of Canada and its elections presents an interesting set of issues for Canadian government officials. Under the current international legal regime, the problem of attribution makes identifying and countering cyber threats a challenge when using a reactive cyber security policy. There is high probability that the Canadian government will face some form of disinformation campaign or cyber espionage targeting elected officials and political candidates in the 2019 election.

As such, Canada must take a proactive approach to potential cyber espionage and election interference by passing C-59, explicitly naming disinformation tactics as a national security priority, and working with Five Eyes and NATO partners to share best practices and information in order to investigate and counter threat actors. By pursuing a more refined and targeted approach, the Canadian government will be better equipped to deal with disinformation when it arises.

bottom of page