December 11, 2009 | Commentary on National Security and Defense
Wake the president. It's 3 a.m. and the phone is ringing. Loudly. A terrorist group has breached the firewall of the SCADA, the Supervisory Control and Data Acquisition system that controls the flow of major oil and natural gas pipelines throughout North America. Terrorists inserted a command that causes pressure gauges throughout the network to send pumps into overdrive. Pipelines have split, setting off spills, fires and explosions in multiple locations.
It gets worse. Within an hour, the malicious hackers have intruded into the national electrical grid, setting off power failures that stretch from Toronto to Baltimore.
Frantically analyzing the situation, security experts are able to identify the origin of the attacks. The president declares the incidents an act of war and orders a retaliatory strike: The enemy -- Canada.
While the scenario above is fiction, it is anything but science fiction. And the likelihood of a cyberattack coming from Canada is anything but unlikely.
That is not to say that Canada is a national security threat. Though they were on the wrong side of the American Revolution and the War of 1812, for the past century or so the Canadians have been the best security neighbor any nation could hope for. They've been our brothers-in-arms in two world wars, a cornerstone of NATO, and a hard-and-fast battle buddy in Afghanistan.
Cyberthreats, however, can come from anywhere. Serious malicious actors, like the Russian Business Network (RBN), specialize in covering their tracks by routing them through servers in third-party countries. RBN also sells franchises and markets its services worldwide.
For groups like RBN, the Internet is a cash cow. They use it to steal personal identity information for resale. They also act as "service providers" for others, such as those wishing to distribute child pornography or computer viruses. They hire out to hijack computers through "botnets." And they are rumored to be happy to conduct massive denial-of-service attacks - such as those that struck Estonia and Georgia -- for a price.
Groups such as RBN can operate anywhere, and the northern part of North America is as good as any. Canada is a well-wired country. Almost 80 percent of the population uses the Internet. Broadband is widely available. Canada also hosts some of the best university computer-science programs in the world.
Our neighbors to the north also have a huge backdoor into the U.S. cyberworld. Much of the infrastructure of the two nations - from railroads to aviation to pipelines and electrical systems -- are inextricably linked. Canada is also America's largest trading partner, and today trade is linked by computer systems. Many of the links in the U.S. supply chain start or end up north.
It's a hard fact, then, that U.S. cyberspace can't be secure absent a solid partnership with our neighbor to the north. And certainly Canada should take the cybersecurity mission seriously as well because its safety is as dependent on us as we are on them.
But here's the rub. Canada has scarce manpower to address the problem. They have 62,000 law enforcement agents. But only about 200 work on cybercrimes. The Canadian military has more than 2,500 soldiers dedicated to the cybermission - but none are focused on homeland security. As currently organized, Canada just can't do much to fight cyberterrorism.
But Canada's already substantial military cyberforce constitutes a great place to start in building a strong cooperative effort with the United States.
Luckily, a working vehicle for a cyberdefense alliance already exists. It's NORAD. The U.S. and Canada jointly set up the North American Aerospace Defense Command during the Cold War to provide early warning of incoming Soviet bombers and missiles. Today, the command serves a very different function, monitoring North American airspace and maritime routes for transnational threats. The great strength of NORAD is that each nation retains command of its sovereign forces, but NORAD allows for seamless sharing of information and intelligence and real-time coordination of operations.
Through NORAD the Canadians could coordinate their activities with all the major U.S. commands involved in cyberdefense. Likewise, the two nations would have a structure to organize information and partnership exchanges, technology sharing, and communications regarding lessons learned and best practices.
Cybersecurity, of course, requires a lot more than just military-to-military cooperation. After all, most cybersystems, upward of 90 percent, are in the private sector. Nevertheless, national defense forces are a natural place to start. Expanding NORAD's mission to include the defense aspects of cybersecurity ought to be a multinational no-brainer.
James Jay Carafano, Ph.D., is Assistant Director of the Kathryn and Shelby Cullom Davis Institute for International Studies and Senior Research Fellow for National Security and Homeland Security in the Douglas and Sarah Allison Center for Foreign Policy Studies at The Heritage Foundation.
First Appeared in the Washington Times