Key federal agencies ill-equipped to fight growing cybercrime threat, auditor finds

Author of the article:

Canadian Press

Jim Bronskill

Published Jun 04, 2024 • Last updated 28 minutes ago • 2 minute read

Auditor General of Canada Karen Hogan speaks during a press conference at the National Press Theatre in Ottawa, on Tuesday, March 19, 2024. Photo by Spencer Colby /The Canadian Press

OTTAWA — Three key agencies lacked the “capacity and tools” to effectively protect Canadians from cyberattacks and tackle the growing threat of online crime, the federal spending watchdog has found.

Advertisement 2

This advertisement has not loaded yet, but your article continues below.

THIS CONTENT IS RESERVED FOR SUBSCRIBERS ONLY

Subscribe now to read the latest news in your city and across Canada.

Unlimited online access to articles from across Canada with one account.Get exclusive access to the Toronto Sun ePaper, an electronic replica of the print edition that you can share, download and comment on.Enjoy insights and behind-the-scenes analysis from our award-winning journalists.Support local journalists and the next generation of journalists.Daily puzzles including the New York Times Crossword.

SUBSCRIBE TO UNLOCK MORE ARTICLES

Subscribe now to read the latest news in your city and across Canada.

Create an account or sign in to continue with your reading experience.

Access articles from across Canada with one account.Share your thoughts and join the conversation in the comments.Enjoy additional articles per month.Get email updates from your favourite authors.

Article content

In a report Tuesday, Auditor General Karen Hogan describes breakdowns in response, co-ordination, enforcement, tracking, and analysis between and across the organizations.

Hogan’s review looked at the RCMP, the Communications Security Establishment cyberspy agency and the Canadian Radio-television and Telecommunications Commission.

She found people were left to figure out where to make a cybercrime report, and might even have been asked to report the same incident to another organization.

For instance, after learning of an offer to sell child sexual exploitation material, the CRTC did not refer the matter to law enforcement but rather told the complainant to contact police directly.

The auditor also says the RCMP has struggled to staff its cybercrime investigative teams, with almost one-third of positions vacant as of January.

By signing up you consent to receive the above newsletter from Postmedia Network Inc.

Article content

Advertisement 3

This advertisement has not loaded yet, but your article continues below.

Article content

In 2022, victims of fraud reported a total of $531 million in financial losses to the RCMP’s Canadian Anti-Fraud Centre, the report notes. Three quarters of these reports involved cybercrime.

However, only five to 10 per cent of cybercrimes are reported. “Without prompt action, financial and personal information losses will only grow as the volume of cybercrime and attacks continues to increase.”

The report says effectively addressing cybercrime depends on reports going to the organizations best equipped to receive them. While the RCMP, the CSE and Public Safety Canada have pondered a single point for Canadians to report cybercrime, “this has yet to be implemented.”

Between 2021 and 2023, the CSE deemed that almost half of the 10,850 reports it received were out of its mandate because they related to individual Canadians and not to organizations, Hogan found. “However, it did not respond to many of these individuals to inform them to report their situation to another authority.”

Advertisement 4

This advertisement has not loaded yet, but your article continues below.

Article content

The report says the RCMP and CSE were often well co-ordinated in their responses to potential high-priority cases, such as attacks on government systems or critical infrastructure.

In addition, the RCMP, through its National Cybercrime Co-ordination Centre, forged partnerships with Canadian and international enforcement agencies to understand the needs of these agencies and align efforts.

“However, it did not always forward to domestic police agencies requests for information it received from international partners.”

The auditor also found poor case management limited the ability of the Mounties to respond to cybercrime incidents, as well as a lack of RCMP procedures and service standards to manage victim notifications.

The CRTC “does little to protect Canadians against online threats,” the report says.

In one instance, the CRTC deleted evidence and returned electronic devices on an accelerated time frame to a person being investigated for violating anti-spam legislation, to avoid being served with a search warrant by a law enforcement agency.

In addition, the National Cyber Security Strategy developed by Public Safety Canada had critical gaps, such as the absence of the CRTC as a key player, despite its mandate to enforce anti-spam legislation.

Article content

>>> Read full article>>>
Copyright for syndicated content belongs to the linked Source : Toronto Sun – https://torontosun.com/news/national/key-federal-agencies-ill-equipped-to-fight-growing-cybercrime-threat-auditor-finds