Services and information
CSE’s mandate authorizes us to conduct foreign cyber operations to help protect Canada and Canadians.
These operations may be defensive or active.
Defensive cyber operations
CSE may use defensive cyber operations to defend Canada against foreign cyber threats by taking online action.
For example, CSE could prevent cyber criminals from stealing information from a Government of Canada network by disabling their foreign server.
This authority can also be used to defend systems designated by the Minister of National Defence as being of importance to the Government of Canada, such as:
- energy grids
- telecommunications networks
- healthcare databases
- banking systems
- elections infrastructure
Active cyber operations
Active cyber operations allow CSE to take online action to disrupt the capabilities of foreign threats to Canada, such as:
- foreign terrorist groups
- foreign cyber criminals
- hostile intelligence agencies
- state-sponsored hackers
For example, CSE could prevent a foreign terrorist group from communicating or planning attacks by disabling their communication devices.
The threats we disrupt must relate to international affairs, defence or security.
How cyber operations are authorized
Defensive and active cyber operations must be authorized by the Minister of National Defence.
The Minister of Foreign Affairs must also be consulted for defensive cyber operations and must consent to active cyber operations.
Cyber operations must not:
- target Canadians or anyone in Canada
- interfere with the course of justice
- interfere with the course of democracy
- cause death or bodily harm, either deliberately or by criminal negligence
Like all our activities, these operations are subject to review by the National Security and Intelligence Review Agency (NSIRA) and the National Security and Intelligence Committee of Parliamentarians (NSICOP).