OTTAWA - The Public Safety Department worries Canada is becoming a digital launching pad for — not just a target of — malicious cyber-activities, confidential briefing notes reveal.
Traditionally, most cyber-criminals are known for plotting their online schemes in places like Eastern Europe, East Asia and Africa, say departmental notes prepared for a closed-door meeting of the Cross-Cultural Roundtable on Security.
"This may be shifting to more developed countries such as Canada, the U.S. and France — countries with good reputations," say the notes, obtained by The Canadian Press under the Access to Information Act.
"Plainly said, we may be moving from being mostly 'targets' of organized cyber-crime hosted in outside jurisdictions, to 'hosts' of online cyber-crime operations and activities."
The notes were drafted for an introductory discussion by Brett Kubicek, Public Safety's manager of research and academic relations, at the roundtable's June meeting.
The roundtable, which comprises members of various ethnic backgrounds, tries to foster dialogue on security issues between government officials and minority communities.
"When it comes to cyberspace, it's likely that the flow of questions facing policy-makers will continue to outpace readily available and clear solutions for the foreseeable future," say Kubicek's notes.
His comments followed an explicit warning from the Canadian Security Intelligence Service about homegrown websites that support and incite terrorist violence.
They also echoed findings of digital security company Websense, which singled out Canada as a breeding ground for Internet nastiness in its two latest annual surveys.
Last spring, Websense said Canada ranked No. 2 in the world — ahead of prime offenders Egypt and Russia — for hosted phishing sites that lure unsuspecting people into providing personal information like credit card numbers.
It also noted a 39-per-cent increase in Canadian-hosted "bot networks," the command-and-control centres for cyber-criminals, as well as a 239-per-cent jump in potentially infectious and otherwise dangerous Canadian websites.
"Across the board, we're seeing all types of malicious content coming out of the Great White North," the company said in May.
"Even after last year’s discovery, we still have not seen any big takedowns of malicious sites in Canada. In fact, malicious sites seem to stay up longer than in other countries."
In July it was reported that Farsi-speaking hackers used four cyber-bases in Canada to steal confidential materials from hundreds of government officials and businesspeople in Afghanistan, Iran and Israel.
The roundtable proceedings clearly indicate Canadian officials are just beginning to grapple with a problem that will only grow.
In his remarks, Kubicek noted the "ever-expanding mismatch" between the growing online dimension of Canadian lives and the body of laws, regulations and policies developed largely for an "offline" world.
A Justice Department briefing prepared for the June roundtable meeting says challenges include the appropriateness of existing laws for criminal behaviour and the need for new ones to address the changing environment.
"Cyberspace presents challenges for Canadian legislation and for law enforcement as technology evolves rapidly," says the presentation. "Legal frameworks and investigative practices are challenged to keep pace with this evolution."
Since technological shifts happen much faster than legislative change, the preferred strategy is to draft technology-neutral laws to the extent possible, the department adds.
Other considerations include combating cyber-crime without eroding privacy and co-operating with other countries to tackle the global nature of illicit online activities.
Federal Auditor General Michael Ferguson recently found the government had been slow to mount an effective response to the rapidly growing threat of cyber-attacks on key systems.
The government has made only limited progress in shoring up computer networks and lags in building partnerships with other players, Ferguson said. The federal cyber-incident response centre doesn't even operate around the clock, he added.
Following the report's release, Public Safety Minister Vic Toews acknowledged that cyber-threats were not considered a priority until recently.
#20 London, Ontario
<strong>2010 RANK:</strong> 22 <br><em>Springbank Park, London Ont. </em>
#19 Regina, Saskatchewan
<strong>2010 RANK:</strong> 21 <br><em>Downtown Regina, Saskatchewan.</em>
#18 Kingston, Ontario
<strong>2010 RANK:</strong> 28<br><em>Radisson Plaza Hotel and the Harbourfront Kingston, Ontario</em>
#17 Barrie, Ontario
<strong>2010 RANK:</strong> 23<br><em>On the road, Barrie, Ontario.</em>
#16 Halifax, Nova Scotia
<strong>2010 RANK:</strong> 31<br><em>Halifax Harbour</em>
#15 Ottawa, Ontario
<strong>2010 RANK:</strong> 11<br><em>Parliament Hill, Ottawa, Ont. </em>
#14 Markham, Ontario
<strong>2010 RANK:</strong> 7<br>
#13 Kelowna, British Columbia
<strong>2010 RANK:</strong> 9<br><em>Kelowna, B.C.</em>
#12 Kitchener, Ontario.
<strong>2010 RANK:</strong> 10<br><em>Kitchener, Ontario.</em>
#11 Oakville, Ontario
<strong>2010 RANK:</strong> 6<br><em>Oakville Post Office.</em>
#10 Victoria, British Columbia
<strong>2010 RANK:</strong> 12<br>Victoria had the analysis' highest number of Wi-Fi hotspots, at 170 per 100,000 population. However, spending on internet access and personal computers was the lowest out of the top 10 cities.
#9 Edmonton, Alberta
<strong>2010 RANK:</strong> 13<br>Edmonton scored high in the categories of Wi-Fi hotspots, spending on personal computers and Internet access. Social networking use by Edmonton residents was the lowest in the analysis, at 37 per cent of the population. <br><em> Edmonton Skyline from Sherwood Park</em>
#8 New Westminster, British Columbia
<strong>2010 RANK:</strong> 16<br>New Westminster rose significantly in the rankings, up to #8 from #16 in 2010. There were 34 Wi-Fi hotspots per 100,000 population and 48 per cent of New Westminster residents use social networking. <br> <em>British Columbia's Fraser River</em>
#7 Toronto, Ontario
<strong>2010 RANK:</strong> 8<br>Toronto's spending on personal computers was among the highest. The number of Wi-Fi hotspots was also high. But social networking use among Toronto residents was near average.
#6 Fredericton, New Brunswick
<strong>2010 RANK:</strong> 14<br> Social networking use was the highest in the analysis, at 60 per centof the population. <br> <em>New Brunswick Fredericton October 2011 Gavin Langille-18. </em>
#5 Calgary, Alberta
<strong>2010 RANK:</strong> 5<br>Calgary had the lowest ranking among the cybercrime data in the list of top ten Canadian cites, but the second-highest spending on Internet use and personal computers. <br><em>Beltline Area, Calgary, Alberta, (January 29, 2007).</em>
#4 Langley, British Columbia
<strong>2010 RANK:</strong> 3<br> Langley dropped slightly in this year's analysis, falling one spot in the rankings from #3 in 2010. Reported cybercrime data was all in the 90th percentile. <br><em>Fort Langley British Columbia.</em>
#3 Vancouver, British Columbia
<strong>2010 RANK:</strong> 4<br>Vancouver rose one spot in the rankings since the 2010 analysis. It had the third-highest incidence of spamming IP addresses, and a high level among the other cybercrime data sets. Vancouver also had the second-highest number of Wi-Fi hotspots per capita and high social networking use.
#2 Port Coquitlam, British Columbia
<strong>2010 RANK:</strong> 2<br>Port Coquitlam, B.C. again ranked second in the analysis, scoring at the top in the majority of the categories surveyed, including cybercrime data per capita. Port Coquitlam also reported high numbers of social networking use. <br> <em>Canadian Pacific Railway yard, Port Coquitlam BC</em>
#1 Burlington, Ontario
Burlington maintained its #1 ranking from the 2010 analysis. It reported the highest scores among the cybercrime data per capita in three of the four cybercrime data factors. Burlington's internet use and computer expenditures were also high.