Radomes at the former United States Army Security Agency Field Station. (Shutterstock)
Radomes at the former United States Army Security Agency Field Station. (Shutterstock)

Recent media reports have detailed some previously unknown weapons in Canada’s Communications Security Establishment’s (CSE’s) proverbial “cyber-warfare toolbox”.[1] Among the list of supposed capabilities in Canada’s cyber arsenal is the ability to block access to websites, manipulate traffic flows and conduct cyber-attacks of various kinds, while leaving the false signature of another nation. These tools apparently exist in addition to the CSE’s ability to scoop up large amounts of data for intelligence gathering purposes and its nearly symbiotic relationship with the United States’ National Security Agency (NSA) and other digital spy agencies in the other so-called “Five Eyes.”[2]

To my mind, one question springs to mind when news of larger-than-expected cyber capabilities is revealed. Why does a country like Canada need such capabilities?

In many ways, the cyber realm is likely to be the new battleground of conflict between most countries in the 21st century. A lot of damage can be done through an effectively launched cyberattack against a piece of core critical infrastructure. Imagine it is the dead of a Canadian winter and a foreign nation or terrorist group launches an effective cyberattack against the power grid in Eastern Ontario, knocking out power to Ottawa and its surrounding areas (if not a larger area). Depending upon the region’s level of preparation, the destruction of this attack could be devastating in terms of loss of life, not to mention costly in terms of lost economic potential. Imagine that a terrorist group infects Calgary’s water treatment system with a computer virus so that it fails to record dangerously high levels of some bacteria, sickening thousands. Imagine that the air traffic control system at Pearson International Airport is hijacked by some unknown group and planes start to crash into the ground. All of these attacks are possible (if somewhat improbable) scenarios in the digital age in which we live. 

Now, there are numerous defensive cybersecurity measures in place to try to make sure that these sort of events do not occur; firewalls and air gapping ICTs being two examples. But, if the Cold War taught us anything, it is that sometimes the best way to ensure that everyone lives in peace is to ensure that everyone has the ability to destroy one another, otherwise known as the doctrine of Mutually Assured Destruction (MAD).[3] Cyber weapons that have clear offensive uses do just that. They show the world (or at least those that know you have them) that should you be attacked, you can escalate and retaliate in turn.

The aftermath of the recent Sony Pictures hacks provides a potential example of the need for offensive cyber weapons in the digital age. After the attacks on Sony Pictures and the attribution of these attacks to North Korean operatives, the Internet in North Korea was taken down for a period of time. Although it remains unclear who actually knocked North Korea offline, it is plausible that the United States has some hand in the events, either directly using its own cyber capabilities or indirect via a backchannel request to China. Overall, this action can be plausibly interpreted as a cyber-escalation designed to show North Korea (and the rest of the world) that cyberattacks on companies in the United States that are launched by a state, or a state sponsored, actor will be met with even more severe cyber-retaliation. Once that message gets through, the result could well be like what happened between the two super powers in the Cold War. Peace.

I do not mean to say that some of the CSE’s capabilities are not potentially troubling if used in the wrong way or that there should not be more and far stronger restrictions on how and when the CSE should be allowed to use their capabilities (especially against citizens in Canada and other liberal democracies). I only mean to highlight that developments in warfare technology have shaped the course of history. Political communities that do not keep pace with the development of weapons technology tend to fall by the way side.[4]           



[1] Amber Hildebrandt, Michael Pereira and Dave Seglins, “Communications Security Establishment’s Cyberwarfare Tool Box Revealed,” CBC (March 23, 2015). 

[2] The five eyes include America, Canada, Great Britain, New Zealand and Australia. The grouping was formed after World War 2 to cooperate and share signals intelligence.

[3] Thomas C. Schelling, Arms and Influence (New Haven: Yale University Press, 1967).

[4] J.F.C. Fuller, Armament and History: The influence of armament on history from the dawn of Classical warfare to the end of the Second World War (C. Scribner's Sons, London, 1945).

In many ways, the cyber realm is likely to be the new battleground of conflict between most countries in the 21st century.
The opinions expressed in this article/multimedia are those of the author(s) and do not necessarily reflect the views of CIGI or its Board of Directors.