Bordered by three oceans and a long-time ally of the United States, Canada has enjoyed an extremely advantageous geopolitical situation for a very long time.
Thus, in recent decades, Canada has been able to focus its foreign policy in particular on the defense of liberal values and human rights in the world, without having to significantly fear for its security. Criticisms, denunciations or sanctions issued by Ottawa against international actors deemed disruptive or malicious were rarely followed by direct consequences for the Canadian population.
However, the rise of cyberconflict and digital violence increasingly challenges this paradigm. In a largely transnational and horizontal cyberspace, actions and reactions now follow one another at the speed of a click, from one end of the globe to the other.
State hackers, cybercriminals or hacktivist groups can today ignore borders and distances to harm all kinds of entities and organizations, private and public. Through more or less sophisticated cyberattacks, such actors now no longer hesitate to “punish” certain countries for their positions, particularly in international politics.
Between hacks and hyperfakes
The past year has shown that Canada is not immune to the rise in cyber threats. In April 2023, we learned that a group of Russian hackers had attempted to infiltrate the management systems of a Canadian gas pipeline, allegedly with the aim of causing an industrial accident. Named Zarya, the group maintained contacts with Russian intelligence services and acted in retaliation for Canadian military aid to Ukraine.
In September, a group of Indian “patriotic hackers” targeted around ten Canadian websites (including that of the Canadian Armed Forces), attempting to reduce their accessibility through denial of service attacks. . Calling itself Indian Cyber Force, the collective intended to sanction the statements of the Trudeau government, which had just accused the Indian state of having sponsored the assassination of a Sikh activist on Canadian soil.
In August 2023, a Canadian blogger of Chinese origin was targeted by an online influence operation orchestrated from China. Killing two birds with one stone, the campaign consisted of slandering various Canadian elected officials using hyper-faking (deepfake) impersonating the blogger, himself known for his criticism of the Chinese Communist Party.
Create excitement to put pressure
These acts do not represent isolated cases. The directory of Canadian cyber incidents from the Observatory of Multidimensional Conflicts of the Raoul-Dandurand Chair1an open access database maintained by the authors of this text, has identified – without claiming to be exhaustive – 16 cyber incidents of a geopolitical nature having affected Canada during the year 2023, for a total of 114 since 2010.
These actions largely include more stealthy cyberattacks aimed in particular at the clandestine collection of intelligence, a practice widely spread on the international scene.
However, other attacks are more aggressive in nature and often intend to “deliver a message” to Canada, whether geopolitical or ideological.
These cyber incidents, although they rarely cause major damage, seek to disrupt the daily lives of Canadians and, even more, to arouse emotion and nourish a feeling of insecurity, among other things thanks to the media coverage they give. are the subject. The logic, ultimately, is to exert pressure on Canadian institutions to get them to reconsider certain of their positions – most often in matters of international policy.
Keep a cool head
Obviously echoing extremely troubled international news, from Gaza to Ukraine via Yemen, this dynamic generally involves non- or semi-state digital actors and thus complicates the management and attribution of these threats.
On the one hand, it establishes a form of parallel diplomacy, in which a galaxy of small actors interferes in the internal politics of other countries. On the other hand, it can also fuel a form of “plausible deniability” for the States that these cyberattacks want to serve (such as Russia, China or India), whose responsibility is then difficult to demonstrate, or even completely evaded.
Canada, in other words, must now expect to experience more frequent and sometimes fierce digital reactions when it is required to take a position on certain sensitive issues. The risk, in the long term, is obviously that Canada will come to prefer to remain discreet or circumspect on a growing number of international issues in order to avoid the wrath of malicious cyber actors.
However, this is precisely the aim of this type of maneuver: to scare in order to silence. If Canada wishes in the future to continue to defend certain values and assert its views against powers like China, Russia and India, it will have to equip itself with the best tools to protect itself against cyber retaliation that it are already worth such positions.
1. Consult the Raoul-Dandurand Chair’s directory of Canadian cyber incidents
Consult the 2024 state of play on geopolitical cyber incidents in Canada
What do you think ? Participate in the dialogue
reference: www.lapresse.ca