The federal government is taking steps to protect Canada’s critical infrastructure with dual announcements of the Canadian Cyber Incident Response Centre (CCIRC) and a partnership program with Microsoft. The CCIRC, which now has a physical location, will act as a focal point for dealing with cyber
security threats, says Julie Spallin, manager of the newly formed centre. It goes beyond the steps taken under the former Office of Critical Infrastructure Protection and Emergency Preparedness in that it is more operational, she says.
“”We need one spot in an emergency where all the information comes in, all the tasking goes out and everything is co-ordinated so … it has been given a much more central role in operations as opposed to being a division in a department,”” says Spallin.
The centre has been operational for a couple of months.
“”We have been focusing on information exchange,”” Spallin says. “”That really is the lifeblood of the centre — how do we exchange information with the private sector and other levels of government, the nuts and bolts operational information, such as incident reports and summary information from various jurisdictions in terms of what they’re seeing in terms of threats, as well as information from vendors in terms of what they’re seeing.””
What the government is seeing, she explains, is, for the most part, viruses.
“”The viruses dominate; they’re the noisiest,”” she says. “”What we’ve seen over the last months and from talking to other partners is there seems to be a trend from the big denial of service viruses that cause services to come down — the slammers, the blasters. It’s more now viruses that contain back doors and bots that allow for more intrusion and that type of threat.””
To keep government users and citizens informed of the latest threats and the best ways to respond to them, CCIRC will have a Web site people can visit. As well, says Spallin, it will use a combination of a push and pull approach, by pushing information out daily to specific sectors and to those on various lists, and working with the provinces to co-ordinate information flow.
Microsoft also recently announced its global security co-operation program, a no-fee program designed to help governments better protect themselves against the threats posed by viruses and hackers by exchanging information about publicly known vulnerabilities Microsoft is investigating, upcoming and released software updates, security incident metrics and Microsoft product security data.
So far, Canada’s PSEP, Chile’s Ministry of the Interior, Norway’s National Security Authority and the State of Delaware’s Department of Technology and Information are signed on as participants in the program. John Weigelt, chief security advisor for Microsoft Canada, says the plan is to start off with a small number of participants of varying sizes and locations and expand to other interested and eligible nations. But, he adds, “”In the process by which we let people know what the program entails there is a great deal of confidentiality that is required as we move along.””
Weigelt says governments have recognized the need for the private sector to play a role in critical infrastructure protection.