Canada and Sweden, the Cyber Security Romance
Because, like in international hockey, they both fear the Russians.
A slide from the documents Motherboard obtained.
Canada—a country known for repeatedly falling prey to Chinese hackers gleaning important intelligence from its servers—is, according to government documents, a model of cybersecurity for fellow Arctic nation Sweden.
Unclassified documents obtained under the Access to Information Act show that Canadian security officials gave a Swedish governmental advisory committee a presentation on the Canadian cybersecurity strategy in September 2013.
Apparently hungry for a world tour of security-related Powerpoints, the traveling Swedish delegation had already made trips to Singapore, Japan, the US, Norway, and Germany before visiting Ottawa to see how the Canadians designed their cybersecurity regime.
The presentation, undertaken by top security officials from the department of Public Safety and the Royal Canadian Mounted Police, covered seemingly mundane topics, like the methodologies surrounding cyber incident mitigation and how the department balances its agencies—among which, it counts the Canadian Security and Intelligence Service.
But it gets more interesting: According to the presentation notes, the Canadian Cyber Incident Response Centre pools from domestic intelligence agencies and Five Eyes allies to produce "mitigation advice" and "incident handling" expertise to the top levels of government.
Though Canada is already a member of the Five Eyes intelligence collective, along with Britain, New Zealand, Australia, and the US, in late September the Harper government committed to an "a new arrangement" with Sweden "that will allow them to work together on science and technology projects surrounding public safety and security issues of mutual interest."
In essence, both countries will leverage the brightest scientific minds from both sides of the Atlantic in creating better military and security systems. In that context, the presentation is a peek into the increasingly-interconnected cybersecurity infrastructure being developed by friendly nations worldwide.
Per public statements, part of the vague mutual security arrangement will see top military scientists from Canada exchanging information with Swedish counterparts on "community resilience, national risk assessment methodologies, cybersecurity, critical infrastructure, extreme space weather, crisis communication and social media."
In their presentation, Canada Public Safety officials told Swedish officials about the need to "strengthen security of federal information systems" and to "improve cyber hygiene throughout the government."
Interestingly, the documents also show a Canadian eye for "cost-effectiveness", a frequently trumpeted line from the Harper government.
"On August 4, 2011, the Government began to streamline its IT architecture," the presentation notes. "Once complete this will produce savings and will reduce the Government's footprint; strengthen security and the safety of government data to ensure Canadians are protected; and realize economies of scale and make it more cost effective to modernize these IT systems."
Canadian Public Safety officials stressed the importance of public awareness and showcased their own "Get Cyber Safe" social media campaign. The Swedes were also given a rare peek into Canada's cyber incident management system and how agencies like CSEC and CSIS coordinate responses to an "escalation" in threats.
In a government release announcing the partnership, Helena Lindberg, Director General of the Swedish Civil Contingencies Agency, said the plan is to tackle mutual "transboundary" challenges.
"I am looking forward to seeing the results from the collaboration between Sweden and Canada with the common goal of strengthening our capacity to reduce risk and respond to challenges ahead," Lindberg said.
Improve cyber hygiene throughout the government
While the 2013 meetings seemed like more of a fact-finding mission for the Swedes, the two governments have since moved to take very real, concrete steps in coordinated intelligence sharing.
While China's vaunted cyberwarfare skills are an obvious concern, those "transboundary" challenges could very well be the mutual incursions of Russia. Both Canada and Sweden have reported the aggressive tactics of Russian MiG military jets closing in on in their mutual airspaces. With the Russia army making advances into Ukraine, nieghbouring countries like Canada and Sweden, were put on high alert, even if the chances for an invasion are slim.
The return of Cold War era tensions puts a country like Sweden in the middle of NATO and Russia. Though not a member-state, Sweden has moved to strengthen its ties to the military collective, ostensibly to protect itself against Russian aggression, which has upset the Putin regime.
This sort of military intelligence sharing with Canada signals Swedish intentions to come closer to the NATO fold.
And in the new era of Russian fly-bys and special forces storming Eastern Ukraine, the Swedes probably want to be more like the Canadians: hockey gold medalists and under the protection of the Five Eyes.