Liberal and Conservative MPs who were targeted by a Chinese hacker group are calling for improved alert mechanisms and a reassessment of the culture of “over-classifying” information.
Tory MPs James Bezan and Garnett Genuis, along with Liberal MP John McKay, testified before the House of Commons Procedure and House Affairs Committee (PROC) on June 13. They were among 18 Canadian parliamentarians targeted by the Chinese state-backed hacker group APT31.
‘Over-Classification’
During the June 13 testimony, Bloc Québécois MP Marie-Hélène Gaudreau asked her colleagues targeted by APT31 if they were satisfied with the CSE’s information sharing and whether “we are over-classifying things.”
Mr. McKay said the two-year delay in information sharing was in part due to inadequate protocols, and called for the committee to focus on creating effective security measures.
“These attacks are massive and the FBI itself feels overwhelmed. So this committee needs, in my view, to start wrestling with our protocols; clearly, the current protocols are not acceptable,” he said, referencing a May 9 briefing that the MPs received from the FBI.
Mr. Bezan expressed the same opinion but added that the government’s culture for how information is classified and shared should also be reviewed.
Accountability
Mr. Genuis called for transparency in governmental actions and individual accountability for decisions impacting MPs’ security.“I don’t think we should use a discussion of systems to abstract from the fact that individuals in those systems made choices, and those choices lead to members of Parliament being more vulnerable to foreign threats,” he said.
Mr. Bezan further proposed a proactive measure to mitigate future risks. He suggested that the House of Commons or Parliament in general publish an annual report on cyberattacks and their resolutions. He said this step would “provide some accountability and also a greater understanding of the evolving cybersecurity threat that we’re in.”
Describing the attack method, Mr. McKay detailed APT31’s use of emails from the domain “nropnews.com” with fake journalist identities. This tactic, known as “pixel reconnaissance,” involves embedding a tracking pixel in a photograph or image. When the receiver opens the email, the tracking pixel can send back limited information to the sender, akin to a phishing expedition.
Mr. Genuis added that this signalled the early stages of broader potential attacks.
During a subsequent panel of the PROC meeting, Liberal MP Judy Sgro and Conservative MPs Tom Kmiec and Stephanie Kusie, who were also targeted by the Chinese hackers, testified and voiced their disappointment.
Ms. Sgro said when she first learned about the attack, “I was furious. I was livid.”
However, once the anger subsided, she expressed “a huge disappointment.” “This is not what I would have expected. But more importantly, you know, it happened, the firewall held, and because of that they felt there was no reason to tell us,” she said.
Ms. Kusie stated, “My sense of disappointment is overwhelming—the fear that consumes you when you think about the possible effects on you, your family.”
