Question Period Note: Cyber Security Overview

Explaining Shared Services Canada’s (SSC) role in addressing cyber security, which is a shared responsibility with other agencies, such as the Treasury Board Secretariat (TBS) – Office of the Chief Information Officer (TBS-OCIO) and the Communications Security Establishment (CSE), which holds the Canadian Centre for Cyber Security (CCCS).

• Shared Services Canada works diligently to keep networks safe, secure and accessible for Canadians
  • Shared Services Canada applies cyber security measures to identify and prevent malicious actors from gaining access to government networks by using firewalls, network scans, anti-virus, anti-malware as well as identification and authentication tools and services
  • Cyber security is a shared responsibility between Shared Services Canada, the Communications Security Establishment, the Treasury Board Secretariat as well as departments and agencies
  • When a cybersecurity event occurs, Shared Services Canada and its partners coordinate to determine root causes, limit impact and undertake recovery
  • Shared Services Canada supports the effective design, delivery and management of IT security initiatives

If pressed on current and future cyber security investments:

• The government is investing $515.8 million over 6 years for Shared Services Canada, the Communications Security Establishment, and the Treasury Board Secretariat to address the rapidly evolving cyber threat landscape
• The proposed funding will help:
  • support cloud security at Shared Services Canada
  • expand cyber security protection for small departments and agencies
  • support Shared Services Canada’s security information and event management system
  • modernize the government’s approach to cyber security
  • support the Treasury Board Secretariat’s associated efforts to reinforce government cyber security
• Shared Services Canada responsibilities include government networks, email, data centres, and classified IT infrastructure

If pressed on Shared Services Canada’s responsibility versus that of Communications Security Establishment:

• Although most security systems used to protect the government’s IT infrastructure are designed and managed by Shared Services Canada, Communications Security Establishment uses complementary solutions to supplement Shared Services Canada-managed security systems
• While Shared Services Canada provides IT security infrastructure, Communications Security Establishment monitors government systems and networks for malicious activities and cyber-attacks and leads the government's operational response to cyber security events

If pressed on any particular cyber event (Exchange Vulnerability, Log4j, Print Nightmare, GAC Incident, NRC Incident, etc.):

• Shared Services Canada has people, technology and processes in place to safeguard systems, and works collaboratively with the Treasury Board Secretariat, Communications Security Establishment and departments to detect and respond to cyber threats
• When a cyber security event occurs, Shared Services Canada and other partners coordinate to determine root causes, limit impact and undertake recovery
• The risk of cyberattacks is persistent and requires constant vigilance

If pressed on April-May 2023 Distributed Denial of Service (DDoS) Campaign / Attack:

• A large DDoS campaign against the Government of Canada, started on April 10, 2023 and was fairly constant from April 10 to May 14, 2023
• A Distributed Denial of Service is a type of cyber-attack where a cybercriminal attacks an online resource by sending a flood of requests with the goal of making it unavailable to legitimate users
• Shared Services Canada, the Canadian Centre for Cyber Security, and partners have systems and processes in place to detect and mitigate these kinds of attacks. The Government is subject to Distributed Denial of Service-type attacks regularly as part of its business and most attacks are mitigated automatically with no manual intervention
• All the attacks during this campaign were detected and Shared Services Canada worked with its Internet Service Providers, the Cyber Centre, the Treasury Board Secretariat and the affected departments to mitigate the attacks
• Throughout the campaign, multiple sites were affected. Mitigations restored access to the affected websites and we continue to monitor the situation to ensure those mitigations remain effective
• Shared Services Canada is working with its partners to implement additional mitigations improving the resilience of services to Canadians

N/A

N/A