Spy agency flags possible security breaches at Canadian pandemic research facilities

Canada's cyber spy agency says authorities are investigating possible security breaches at Canadian organizations doing COVID-19-related research less than a week after it warned that Canadian intellectual property linked to the pandemic is a "valuable target" for state-sponsored actors.

"We've seen some compromises in research organizations that we've been helping to mitigate and we're still continuing to look through what's the root cause of those," saidScott Jones, head of the Communications Security Establishment's Cyber Centre, during an appearance in front of the Commons industry, science and technology committee this evening.

"Yes, we've seen activity coming from organizations wherethey've seen malicious activity, or at least suspicious [activity], and we're working with them to determine whether or not it was malicious, where it came from and who, and was a success or not."

Watch: The CSE's Scott Jones on the threat of data breaches at Canadian pandemic research labs

CSE reports possible security breaches at Canadian COVID research facilities

4 years ago

Duration 5:11

Toronto Liberal MP Nathaniel Erskine-Smith spoke with Scott Jones, the head of the CSE's Canadian Centre for Cyber Security Centre at the Commons Industry committee on Wednesday.

It's not clear where or when the alleged compromises happened, or whether they were state-sponsored.

Questioned byLiberal MPNathaniel Erskine-Smith, Jones said the intelligence side of the agency is looking into the sources of that "malicious activity."

Last week, the CSEand the Canadian Security Intelligence Service issued a rare joint statement warning of foreignespionage targeting agencies involved in pandemic response.

'An elevated level of risk'

"The Communications Security Establishment has assessed that it is near certain that state-sponsored actors have shifted their focus during the pandemic and that Canadian intellectual property represents a valuable target," said the Canadian statement.

"With regards to the specific threats, the Cyber Centre has assessed that the COVID-19 pandemic presents an elevated level of risk to the cyber security of Canadian health organizations involved in the national response to the COVID-19 pandemic."

Last week, theFBI and the Cybersecurity and Infrastructure Security Agency in the U.S.publicly accused China of targetingU.S. organizations runningCOVID-19-related research.

"The United States condemns attempts by cyber actors and non-traditional collectors affiliated with the People's Republic of China (PRC) to steal U.S. intellectual property and data related to COVID-19 research," said Secretary of State Mike Pompeo in a statement today.

"The potential theft of this information jeopardizes the delivery of secure, effectiveand efficient treatment options."

Last week's Canadian statement said both agencies work closely with the Five Eyes intelligence-sharing alliance, which includesthe United States.

"We regularly share information with our partners, including the U.S., which has a significant impact on protecting our respective countries' safety and security," it said.

CSE began sounding the alarm about the threat of state-sponsored hacks onCanada's healthsector at the start of the pandemic.

"These actors may attempt to gain intelligence on COVID-19 response efforts and potential political responses to the crisis, or to steal ongoing key research towards a vaccine or other medical remedies,"warneda March alert.

At the time, the agency warned that those sophisticated threat actors could target Canadian medical research labsworking on vaccinesor other remedies through manipulation orspear-phishing campaigns or by going after critical vulnerabilities as more houseboundemployees connect with their workplaces through VPNs(virtual private networks).