Canada's spy service, the Canadian Security Intelligence Service (CSIS), has received a judge's authorization to neutralize malware-infected devices used by foreign adversaries. This unprecedented move grants CSIS the power to take action against cyber threats targeting Canada's critical infrastructure.
A Federal Court ruling, made public this week, details CSIS's request for a warrant to "remove the compromised devices from Canada" to safeguard sensitive systems. The ruling indicates that this is the first time CSIS has been granted a Cyber Threat Reduction Measures Warrant, a tool introduced as part of a national security overhaul in 2017. The measures authorized by the warrant, such as altering, degrading, or destroying data on infected machines, would otherwise constitute criminal offenses under the Criminal Code.
The threat originated from two botnets, networks of compromised devices controlled by foreign actors. These compromised devices include servers, home office routers, and everyday Internet of Things (IoT) devices like security cameras and smart appliances. The warrant was initially granted on May 1, 2024, and renewed on August 29, 2024. The court found that the actions of these foreign adversaries posed a clear and imminent threat to Canada's security, and the authorized measures were deemed necessary and proportional.
This development underscores the evolving landscape of national security and Canada's commitment to adapting its strategies to combat sophisticated cyber threats. The ruling highlights the collaboration between CSIS and the Federal Court in addressing these challenges while respecting legal frameworks.
