Slides reveal Canadian CSE secret hacking capabilities

The last collection of top-secret slides leaked by Snowden and disclosed by media agencies reveal the hacking capabilities and platforms of Canadian CSE.

The last collection of top-secret documents leaked by the whistleblower Edward Snowden, and published by The Intercept  and the Canadian Broadcasting Corporation,  leaked documents reveal the Canadians are a dab hand at cyber-stuff, both defensive and offensive.

Top-secret files, published by the Canadian Broadcasting Corporation and The Intercept, show that the Canadian intelligence has improved its cyber capabilities by developing its own technology to protect the country from threats. The set of documents provided detailed information on the hacking capabilities of the Government of Canada, we are speaking of cyber weapons that could be used also to compromise adversary’s systems.

“Canada’s electronic surveillance agency has secretly developed an arsenal of cyberweapons capable of stealing data and destroying adversaries’ infrastructure, according to newly revealed classified documents.” states The Intercept.

Exactly as the NSA, also the Communications Security Establishment (CSE) has run hacking campaign to compromise computers of foreign states to gather sensitive information and secrets. According to the documents, the Canadian state-sponsored hackers hacked into computers in Europe, Middle East, North Africa and Mexico.

One of the document leaked by Snowden and dated 2011 suggests that the CSE has access to a series of sophisticated malware that was developed by the NSA. The tools are part of a program coded as QUANTUM.

The documents also made explicit reference to the EONBLUE program, run by CSE for Global Network Detection operations, that was conducted to gather sensitive data from the movement of traffic online.

The EONBLUE platform has both offensive capabilities of government-malware and heuristics process the early identification of cyber threats. The secret report confirms that Canadians Communications Security Establishment (CSE) has a set of tools in its arsenal to compromise or destroy enemy’s infrastructure exposed to the Internet and heuristic processes for the early identification of cyber threats.

EONBLUE has ability to “scale to backbone internet speeds”, for this reason, experts speculate that the Canadian spies have access to telecom operators and undersea cables. The Communications Security Establishment (CSE) claims it has the ability to run “false flag” operations to deceive victims on the possible source of the cyber attacks.

The documents provide further information about the

It’s not a mystery, Canadian Intelligence works in strict collaboration with the remaining agencies of the Five Eyes group (Canada, US, UK, Australia, and New Zealand), in 1986 Canada signed an “Information Assurance” (IA) deal with the US on intelligence operations. One slide reveals the existence of an Australian extension of EONBLUE operated directly by the Australian Signals Directorate.

“Cooperation efforts include the exchange of liaison officers and integrees, joint projects, shared activities and a strong desire for closer collaboration in the area of cyber defense,” the document reads. “Since Canada has a limited ability to produce cryptographic devices, it is a large consumer of US IA products.”

In an official statement, the Canadian CSE  explained that it could not comment the revelation made by Snowden:

“CSE cannot comment further on operations, methods or capabilities, as that would constitute a breach of the Security of Information Act,” wrote CSE spokesperson Ryan Foreman in a statement. “Furthermore, we regret that the publication of techniques and methods, based on stolen documents, renders those techniques and methods less effective when addressing threats to Canada and Canadians.”

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs –  CSE,  intelligence)

[adrotate banner=”13″]