Foreign spies ‘very likely’ trying to learn how pandemic affects military preparedness, says CSE

State-sponsored actors likely are using the COVID-19 pandemic climate to dig for important intelligence — including how COVID-19 is affecting military preparedness — warns a new threat bulletin from Canada’s cyber spies.

The warning, which was posted to the Communication Security Establishment’s website today but dates back to April 27, also warned that foreign governments likely are looking to deploy foreign surveillance technologies in Canada by promising to help fight against the spread of the virus.

“Given the unexpected spread and severity of the disease, governments almost certainly feel they are operating with inadequate information to craft effective public health and economic responses to the COVID-19 pandemic. As such, foreign intelligence agencies are almost certainly being tasked with new intelligence collection requirements related to the COVID-19 pandemic,” notes the bulletin from the Canadian Centre for Cyber Security, a division of the CSE.

“We judge that states are very likely seeking information regarding the COVID-19 pandemic’s effect on military preparedness, particularly in areas with ongoing territorial disputes or geopolitical friction.”

The Canadian-led NATO battle group in Latvia has already been the target of a pandemic-related disinformation campaign that alliance commanders say they believe originated in Russia.

“Many influence campaigns are aimed at Canadian allies, including those hosting significant contingents of Canadian diplomatic and military personnel who will very likely be affected by outbreaks of public unrest or disrupted public health responses in those countris,” notes the CSE’s report.

The CSE and its sister agency, the Canadian Security Intelligence Agency, have been warning that threat actors likely will target organizations doing COVID-19-related research in order to steal intellectual property linked to the pandemic.

Tuesday’s bulletin fleshes out that report, saying that foreign spies probably are after other intelligence as well like trying to “attain advanced warning of public health responses (e.g., travel restrictions) under consideration by foreign states.”

Be wary of foreign surveillance technologies

As the policy conversation about deploying contact tracing technology continues in Canada and elsewhere, the foreign intelligence signals agency warns that “it is very likely” that authoritarian governments will attempt to deploy surveillance technologies “under the guise of combating the COVID-19 pandemic.”

“In the past, telecommunications surveillance products — such as those of surveillance technology company NSO Group — have been marketed to authoritarian governments, who have used them to covertly target Canadians in Canada,” says the report.

The controversial Israeli-based surveillance company is being sued by WhatsApp, which has accused it of helping government spies break into the phones of roughly 1,400 users across four continents.

“NSO Group claims that at least a dozen countries are currently testing their mobile application, which aggregates device data to map and analyze the spread of COVID-19.”

Canada continues to debate the pros and cons of contact tracing technology; just last week, Prime Minister Justin Trudeau said the federal government is hoping to be able to endorse a single app for the whole nation. The CSE says those discussions could become fodder for foreign influence campaigns.

“We expect that privacy concerns will likely initiate passionate public debates, including in Canada, on the expanding use and effectiveness of surveillance technologies to combat the ongoing COVID-19 pandemic,” reads the bulletin.

“It is very likely that influence campaigns will manipulate privacy concerns in order to sow discord and erode trust in public institutions.”

IP theft threat continues

The cyber spy agency says a foreign threat actor “almost certainly” tried to steal intellectual property from a Canadian biopharmaceutical company last month.

In early April 2020, individuals associated with a Canadian university engaged in COVID-19 research and a Canadian provincial government health agency were also targeted by COVID-19-themed phishing attacks attempting to deliver ransomware, says the bulletin.

The trend shows no sign of ending, warns the CSE.

“We judge that most states, especially those with high rates of infection or ambitions to improve their international standing, will almost certainly prioritize COVID-19-related intelligence collection for the foreseeable future,” they write.

“It is almost certain that cyber threat actors will continue in their attempts to steal Canadian intellectual property under development to combat COVID-19 in order to support their own domestic public health response or profit from its illegal reproduction by their own firms.”

However, even foreign espionage has been hit by the pandemic.

“We judge that it is likely that multiple state-sponsored cyber threat actors have temporarily slowed their operational tempo as a result of COVID-19 shutdowns,” said the CSE.

“We expect that most states will almost certainly be increasingly reliant on online operations to gather foreign intelligence over the coming year.”

It does not name the state-sponsored threat actors that are suspected of orchestrating the alleged hacks.  

The report also repeats an early warning about cyber actors going after the number of people now working from home and using video-conferencing platforms such as Microsoft Teams, Google Hangouts and Zoom.

“The University of Toronto’s Citizen Lab reported that user communications, including encryption keys, may be routed through Zoom’s servers in China even when all participants are located outside of China,” it notes.

“Beyond that, cyber threat actors are also trying to victimize targets by luring them with fake chat and video-conferencing platforms.”

Source link

Name (required)Email (required)Website

Leave a Reply