World NewsCanada

House of Commons Alerted Over a Year Before 2021 Chinese Cyberattack: Spy Agency Chief

Save
House of Commons Alerted Over a Year Before 2021 Chinese Cyberattack: Spy Agency Chief
A hooded man holds a laptop computer as cyber code is projected on him May 13, 2017. (Kacper Pempel/Reuters)
Andrew Chen
6/7/2024
Updated:
6/7/2024
0:00

The House of Commons was alerted to another cyber threat over a year before the recently revealed Chinese cyberattack targeting parliamentarians in 2021, a senior spy agency official told MPs.

Caroline Xavier, chief of the Communications Security Establishment (CSE), made the revelation while testifying before the House of Commons Standing Committee on Procedure and House Affairs on June 6.
The committee is studying a 2021 incident in which 18 parliamentarians were targeted by a Chinese hacker group, known as APT31. The attack was disclosed in a U.S. indictment released in March. The indictment laid charges on seven Chinese nationals associated with the hacker group, noting that it has spent roughly 14 years targeting U.S. and foreign businesses and political officials, as well as critics of Beijing.

Ms. Xavier noted that CSE had successfully thwarted another cyberattack attempt over a year before the APT31 attack. She said that between January and April 2021, CSE’s cyber centre had provided multiple reports to the House of Commons information technology (IT) security officials. These reports detailed significant technical indicators of compromise by a sophisticated actor, impacting the administration’s IT systems.

“Upon receipt of this information, CSE shared specific and actionable technical information about the activity with the House of Commons IT security officials, and as well the Canadian Security Intelligence Service,” Ms. Xavier said. “Because of this information, CSE and the House of Commons worked together to thwart the attempt to compromise by this sophisticated actor.”

Ms. Xavier emphasized that the House of Commons and Senate operate independently from the CSE. Even after being informed of the cyberattack, these chambers are responsible for deciding how and when to communicate directly with MPs and senators.

Information Sharing

In response to inquiries regarding the APT31 attack, Ms. Xavier confirmed that in June 2022, CSE had received a report from the U.S. Federal Bureau of Investigation detailing emails targeting individuals worldwide, including Canadian parliamentarians. She also confirmed that CSE shared the list of affected parliamentarians with the House of Commons IT administrators.
Related Stories
House Committee Begins Study of Chinese Cyberattack Against Lawmakers
6/4/2024
House Committee Begins Study of Chinese Cyberattack Against Lawmakers
Chinese Cyber Threat ‘Outpaces Other Nations,’ Spy Agency Says in Rare Public Warning
6/3/2024
Chinese Cyber Threat ‘Outpaces Other Nations,’ Spy Agency Says in Rare Public Warning

Conservative MP Garnett Genuis, one of the 18 parliamentarians targeted by APT31, asked if the CSE had included caveats when sharing information about the cyberattack with the House of Commons.

Rajiv Gupta, associate head of the Canadian Centre for Cyber Security, responded that the agency’s reports typically include a caveat preventing recipients from further sharing the information without explicit CSE authorization.

Mr. Genuis described the situation as a “circuitous game of telephone,” asking why the government didn’t directly inform the affected parliamentarians so they could protect themselves.

“Fundamentally, the question is, why was all of this sort of nonsense interposed in between the people who had the information—which was the Government of Canada—and the people who needed the information—which was members of Parliament under threat—who could have taken further preventative action to protect themselves? Why was it so difficult for the government to just tell us directly?” he asked.

Ms. Xavier replied, “I recognize that we’re going to learn from this incident and hopefully get a better understanding.”