Politics

Cyber security expert briefs parties on protecting themselves during election campaign

One of Canada's top cyber security experts says he's been quietly giving the main political parties threat briefings in the lead-up to the upcoming federal election.

'Thinking about how this could be turned against you is really important.' - Scott Jones, CSE

Scott Jones, head of the Canadian Centre for Cyber Security, says political parties need to think hard about how information technology can be turned against them. (Justin Tang/Canadian Press)

One of Canada's top cyber security experts says he's been quietly giving the main political parties threat briefings in the lead-up to the upcoming federal election.

"It's an ongoing conversation," Scott Jones, head of the Canadian Centre for Cyber Security within the Communications Security Establishment, told CBC News in an interview.

"We told them basic cyber security matters. Taking action and thinking about how this could be turned against you is really important."

Earlier this week, Canada's chief electoral officer raised concerns about the parties' abilities to protect themselves from cyberattacks.

"They don't have access to the resources we have access to," Stephane Perrault told the Canadian Press in an interview.

"Securing [computer] systems is quite expensive ... Even the larger parties have nowhere near our resources and you've got much smaller parties with very little resources."

With thousands of volunteers involved in election campaigns, Perrault said it's difficult to ensure no one falls prey to "fairly basic cyber tricks" like phishing — ploys that could give hackers access to party databases.

That why Jones said his meetings often revolve around the basics.

"The fact is that everything we do, it's being recorded and it's online, it needs to be thought of. Taking action to protect social media accounts, taking action to protect your online presence and leveraging the best available commercial defences makes a big difference," he said Thursday.

"It makes you a harder target and so investing in the basics is really important here."

'We've done everything we can'

It's advice he's also sharing with MPs themselves. Their own online behaviour was put under the microscope late last year when MP Tony Clement was sidelined by a sexting scandal and ejected from the Conservative caucus.

"It reminds us that we all have to be vigilant, especially those of us in the public eye," Jones said.

"Thinking before you're posting things and realizing that it might not be the person you think on the other end. Unfortunately, the online environment was not designed for security. It's designed for convenience."

Cory Hann, director of communications for the Conservative Party, said they're heeding CSE's advice and are prepared.

"We had a meeting with CSE, and found it productive. We take the security of our information very seriously and take every precaution to keep it safe and secure."

Braeden Caley, senior director of communications for the Liberal Party, says his people are taking precautions as well.

"The highest levels of security are implemented for all data, communications, and records, and we continually update our processes and review international best practices (including from the Communications Security Establishment) to further enhance the Liberal Party's strong information security measures," he said in an email.

Jones didn't underplay the possibility that the election could be tampered with, but said CSE has "done everything we can" to make sure it's protected from foreign interference.

"There will be things that will happen, but the fact is we've done everything we can to make sure that the Canadian democracy continues to grow and adapt to the new world we're facing," he said.