OTTAWA—Canada’s intelligence community has identified foreign actors attempting to directly influence the upcoming federal election campaign, a Toronto Star and BuzzFeed News investigation has learned.
The Communications Security Establishment (CSE), the country’s cyber defence agency, has briefed senior political staff of one federal party about “covert and overt” attempts to influence the Oct. 21 federal election.
Canada’s domestic spy agency, the Canadian Security Intelligence Service (CSIS), also said Tuesday that “threat actors” are trying to influence Canadian citizens, although the agency tied it to an attack on "democratic institutions" rather than the election specifically.
The agencies would not reveal the exact nature of the attempts to influence but said the scope of “foreign interference activities can be broad,” including state-sponsored or influenced media, hacking, and traditional spy operations.
“Threat actors are seeking to influence the Canadian public and interfere with Canada’s democratic institutions and processes,” wrote Tahera Mufti, a spokesperson for CSIS, in an emailed statement.
“For example, over the years (CSIS) has seen multiple instances of foreign states targeting specific communities here in Canada, both in person and through the use of online campaigns.”
A senior government source said that diaspora communities are being targeted by foreign actors in an attempt to sway the election’s outcome. The source, who has direct knowledge of Canada’s efforts to safeguard the federal election, was granted anonymity to speak frankly about ongoing national security issues.
While national security sources had previously said Canadian political parties have been targeted by sophisticated state-sponsored hacking campaigns, the motive for those campaigns was not publicly linked to attempts to meddle with the election.
Then on Friday, CSE confirmed it is briefing Canada’s major political parties on “covert and overt foreign interference activity” aimed at influencing Canadian voters — although the agency stopped short of publicly confirming such campaigns have already been detected.
The briefings included select security-cleared political staff and discussions around unclassified and classified material, the agency said. Unclassified material would be information already in the public domain while classified would be intelligence gathered by Canada’s spies or security partners.
The federal political parties were briefed so that they can “strengthen internal security practice and behaviours,” the agency wrote in a statement.
“Unfortunately, we cannot discuss the specific information covered in these briefings.”
The agency refused to discuss the nature of any specific threat — or who may be behind it. But the Canadian government currently has strained relationships with some of the dominant players in cyber warfare and espionage.
That includes China, with Beijing demanding the release of Huawei executive Meng Wanzhou, holding two Canadians in detention on spying allegations, and sharply restricting Canadian agricultural exports.
On Tuesday, Prime Minister Justin Trudeau said he had “a number of conversations” with Chinese President Xi Jinping about the detained Canadians — former diplomat Michael Kovrig and businessman Michael Spavor — at the recent G20 meeting in Osaka, Japan.
“This is an issue we take extremely seriously,” Trudeau told reporters in Toronto. “I had a number of conversations with President Xi directly on this and the larger issue of Canada–China relations.”
Other well-known cyber players — Russia, Saudi Arabia, and India — have also had tense relations with Ottawa.
The motivations of those countries differ widely, said Stephanie Carvin, a professor at Carleton University's Norman Paterson School of International Affairs and a former intelligence analyst.
“There is actually a traditional espionage component of this, I’m sure,” Carvin said of hacking attempts against Canadian political parties.
Countries could be looking for blackmail material, for instance, or seeking to understand Canadian politicians internal discussions around hot-button issues.
“They’re going to be looking for a number of things,” Carvin said.
“There’s the traditional espionage component, they’re going to be looking for emails that are potentially embarrassing. The other thing they might be looking for, and this would be a big concern, is understanding how [political staff and politicians] communicate with each other for the purpose of generating forgeries … And then, of course, you get to learn what are the issues that political parties themselves are actually concerned with.”
How seriously Canadian political parties are taking those threats is an open question. While political staff from the major federal parties expect foreign countries to intervene in some fashion — whether publicly or clandestinely — in the election, how they’re protecting against those attempts is largely a secret.
“While the Liberal Party of Canada does not comment on specific security precautions, our party takes these considerations very seriously,” wrote party spokesperson Parker Lund in an email.
“The highest levels of security are implemented for all data, communications, and records … This has also included meetings and briefings for political parties from the Communications Security Establishment and their government partners.”
“Due to the classified nature of the briefings [with CSE], we cannot confirm anything we’ve heard within the briefings,” wrote Cory Hann, the Conservative Party’s director of communications.
“Of course, broadly speaking, the party is concerned with any attempts to improperly interfere with Canadian elections.”
CSE has been pressed into taking a lead role in the federal government’s efforts to safeguard the 2019 vote.
Along with the CSIS, the RCMP, and Global Affairs, the agency is responsible for “working to identify and prevent covert, clandestine, or criminal activities from influencing or interfering with the electoral process.”
In April, CSE predicted it is “very likely that Canadian voters will encounter foreign cyber interference ahead of, and during, the 2019 general election.” The Star and BuzzFeed News previously reported that at least one political party has been the target of sophisticated, state-sponsored hacking attempts — although national security sources could not say if those attempts were related to the upcoming election or more routine espionage.
Political parties have consistently been a weak link for hostile nations to gather intelligence. In the US, France, and most recently Australia, hackers have targeted political parties — and in the first two cases, leaked damaging information about politicians and campaigns.
CSE is also holding monthly teleconferences for federal political parties to “discuss cyber security advice and guidance, as well as a general overview of the threat environment.”
Alex Wilner, a Carleton University professor studying intelligence and defense issues, said Canada’s intelligence agencies could be sending a message to hostile actors that they’re watching.
“This might be them messaging not just political parties and Canadians, but their messaging foreigners, those who are doing the influencing, saying ‘we know what you’re up to’ with not so many words,” Wilner said.
As the election gets closer, Wilner expects foreign interventions to ramp up.
“Any opponent or adversary to Canada would have, you could imagine, would’ve instituted or developed a campaign of influence,” Wilner said.
“If you’re thinking of a state-based adversary, you can imagine that a campaign would be rolling out for a long time previous to the election. And then you’ve got all the trolls, and all the hate-mongers and the rest, who may or may not be part of a more coordinated campaign, jump on the bandwagon as the election approaches.”
BuzzFeed News and the Toronto Star are investigating the ways in which political parties, third-party pressure groups, foreign powers, and individuals are influencing Canada’s political debate in the run-up to this fall’s federal election. This report was published as part of that collaboration.
This story and its headline were changed to reflect that CSIS tied "threat actors" to an attack on "democratic institutions" but not directly to the federal election.