The threat landscape to critical infrastructure in Canada is evolving, with increasing risks posed by terrorism, right-wing extremism, and lone wolf attackers. Each of these threats presents unique challenges and vulnerabilities to the nation's critical systems and services.
Terrorism and Critical Infrastructure: Traditional terrorist threats to Canada have predominantly stemmed from extremist groups motivated by various ideologies. These groups often target critical infrastructure to maximize impact and garner attention. Such attacks aim to disrupt essential services, cause economic damage, and instill fear in the population. Canada's critical infrastructure, including transportation systems, energy sectors, and communication networks, remains at potential risk from organized terrorist plots, which could involve sophisticated methods and coordination.
In recent years, Canada has witnessed a notable rise in right-wing extremism, which poses a significant threat to its critical infrastructure. Right-wing extremist groups in Canada are known for their anti-government sentiments and have increasingly adopted violent tactics. These groups often target symbols of government authority and are motivated by a range of factors, including xenophobia, anti-immigrant sentiment, and radical nationalist ideologies. The threat from these groups is heightened by their propensity to use online platforms for recruitment and planning, making their activities more challenging to monitor and counter.
We recently spoke on lone wolf attackers who represent a particularly insidious threat to critical infrastructure due to their unpredictability and the difficulty in detecting their plans. These individuals act independently, without direct support or command from a larger group, and are often radicalized online. Lone wolf attacks can range from low-tech methods, such as vehicle ramming and small arms attacks, to more sophisticated tactics involving explosives or cyberattacks. The decentralized and isolated nature of lone wolf terrorism makes it a complex challenge for Canadian security and intelligence services.
One notable physical attack against Canada's electricity sector was in 2014, where an airplane attack on Hydro-Québec transmission lines resulted in significant damages and a short power outage affecting customers in the US and Ontario. This incident highlights that actors lacking sophisticated cyber capabilities may resort to physical means to disrupt essential services.
With the increasing digitization of critical infrastructure, cybersecurity has become a paramount concern. Lone wolf attackers, as well as organized terrorist groups and right-wing extremists, may exploit vulnerabilities in digital systems to cause disruption. Cyberattacks could potentially cripple essential services such as electricity grids, water supply systems, and communication networks, leading to widespread impact on public safety and the economy.
The Canadian government and law enforcement agencies are continuously adapting their strategies to address these evolving threats. This includes enhancing intelligence-gathering capabilities, increasing collaboration between different levels of government and the private sector, and implementing more robust cybersecurity measures. Public awareness campaigns and community engagement are also vital in identifying and preventing potential threats to critical infrastructure. The Government of Canada has made cybersecurity a priority, with significant investments to enhance the resilience of the energy sector. This includes funding for projects like the development of an enhanced cybersecurity system by the University of Waterloo, aimed at detecting compromised parts in the supply chain, and a playbook by a Canadian engineering company to provide guidelines for countering cyber attacks.
There is a need for continuous investment in intelligence and security infrastructure to keep pace with the evolving nature of these threats. Effective communication and information sharing between various stakeholders are crucial in identifying and mitigating risks to critical infrastructure.
Recent threats to the United States power grid and infrastructure have been characterized by both physical security and cybersecurity challenges, each posing significant risks to the stability and safety of these critical systems. The US power grid was physically attacked 107 times in the first eight months of 2022, more than in any other year in the last decade. The damage, caused mainly by gunfire, triggered power outages affecting tens of thousands of Americans.
There has been a notable rise in physical attacks on the power grid, with incidents such as the shooting attacks on two North Carolina substations in December causing widespread power outages. These attacks have been linked to extremist groups, including white nationalists and far-right extremists, who are disseminating tactical information online on how to disrupt power supplies. As the power grid expands to incorporate more renewable energy sources and to meet the rising demand for electric vehicle charging, the number of potential attack points increases. This expansion exacerbates the vulnerabilities in local electrical substations and distribution lines, which are crucial components of the grid infrastructure.
There is an issue with the inconsistency in reporting physical attacks on the grid. Many incidents, particularly those not causing major outages or involving significant equipment, may not meet the reporting thresholds set by federal regulations. This leads to potential underreporting and difficulties in tracking and addressing these physical threats effectively.
The grid distribution systems, which carry electricity from transmission systems to consumers, have become more vulnerable due to their increasing reliance on remote access and connections to business networks. This opens up opportunities for cyber threat actors to potentially disrupt operations. According to the Director of National Intelligence's 2022 Annual Threat Assessment, nations and criminal groups are the most significant cyber threat actors to the U.S. infrastructure. They are increasingly capable of executing sophisticated cyberattacks on the grid. Despite the Federal Energy Regulatory Commission (FERC) having approved mandatory grid cybersecurity standards, there is a gap in these standards as they do not fully address the comprehensive federal guidance for critical infrastructure cybersecurity. This gap includes a lack of a full assessment of cybersecurity risks to the grid, leaving it exposed to potential coordinated cyberattacks.
The increased risks to Canada's critical infrastructure from terrorism, right-wing extremism, and lone wolf attackers require a multifaceted and proactive approach. This approach should encompass enhanced security measures, intelligence-gathering, cybersecurity, and community engagement to effectively mitigate these evolving threats.
At BlueSky, we offer our clients unparalleled access to analyst-verified monitoring, actionable intelligence, and proactive insights into protests and potential disruptions in real-time. Our commitment is to deliver intelligence that is not only insightful but also deeply rooted in human expertise. We pride ourselves on delivering intelligence that is insightful and human-centric, because "Our best intelligence is not artificial."
If you have additional questions about this report or would like more information on BlueSky, reach out to our team directly: [email protected]