Online attacks on Canada's financial system may become much more destructive as more than one military worldwide is involved in cyber operations, a security expert and former CIA analyst told a commission committee on Wednesday.
Christopher Porter, chief intelligence strategist for cyber security firm Fireeye, Inc., testified that as NATO countries share their expertise on how to defend against and defeat online threats, "big cyber powers outside the alliance" will probably do so same.
The consequences, he said, could be gloomy.
The West's imposition of sanctions on "some countries" has previously been met with deial-of-service attacks on financial services, he said – attacks that have only been disruptive.
"In the future, they can react with destructive attacks to permanently disable financial services or change data in a way that undermines confidence in the global financial system, for example, by delaying or weakening the reliable settlement of government debt security. "Porter said.
"For countries that are sufficiently sanctioned and therefore increasingly outside the financial system, there is no incentive to not do so during a confrontation."
Where the threat comes from
He was not called the countries he thinks constitutes an imminent threat, but North Korea, Russia and Iran are widely known for possessing sophisticated cyber capacity and, in some cases, loose associations with groups of private hackers.
The Public Security Committee is studying security in the financial sector. Wednesday's hearing focused on online threats.
"I'm seriously worried about the militarization of cyber operations," said Porter, who spent nearly nine years at the CIA and served as a cyber threat intelligence letter to the White House National Security Council staff.
"(The) proliferation of groundbreaking cyber force coupled with an increased willingness to use it with minimal blowback and spiral mistrust has set the stage for more disturbing and destabilizing cyber incidents, possibly in the near future."
Cyber espionage threat Canada is still "moderate", said Porter, but his organization has listed at least 10 groups from China, Russia and Iran, targeting Canada in the last few years.
His gloomy assessment was repeated by another private sector expert who appeared to the committee. Jonathan Reiber, Cyber Security Manager at Illumio, a US business computer center, said most of Washington's efforts to get everyone back from cyber warfare have gone nowhere.
He also suggested that online militarization was inevitable. "Opponents are escalated in cyberspace, despite US efforts to deter," he said.
The United States, Canada and other Western countries must take a more aggressive stance to discourage cyber-aggression by "defending ahead" and conducting offensive cyber-operations to disrupt hacking, Reiber said.
The Liberal Government's defense policy, released in June 2017, allowed the Canadian military to carry out such operations.
"National states have the right to defend themselves in cyberspace, as they do in other areas," Reiber said.
Determining the point where an online valve evokes a real world environmental response is something that NATO and many Western countries have been struggling with over the past five years.
The Alliance has a mutual assistance clause, known as Article 5, which requires NATO nations to help an ally under attack.
Public Security Committee Liberal Member John McKay asked whether NATO's decision-making mechanisms are easier enough to keep pace with cyber attacks.
Porter said he believes the system is sound. The challenge, he said, is to get all the Allies on the same side.
"I think a bigger problem is who should call such an answer and under what circumstances," he said. "In those states, I think you are always waiting for a devastating event in Pearl Harbor."
Such a massive attack is still less likely than a number of minor events, he said, "a death of a thousand cuts" that may not rise to the level of provocative allies.