NATO Field School Series

The Colonial Pipeline Cyber-Attack: A Warning for Canada

In early May, Canadians watched in bemusement as images started to appear online of cars stretching for blocks, as fear rose over the possible shutdown of the Colonial Pipeline in the eastern U.S and a potential gas shortage. Then, word started to spread that the shortage was due to Russian hackers, and, at least for some Canadians, the situation was filed away as just another chapter in the longstanding feud between rival powers. However, Canadians should not make light of these events. Recently, Canada has been a victim to both Russian hackers and cyber capabilities; moreover, there is an increasing threat of other external actors and groups who pose a substantial risk to Canadians.

Throughout this week of expert briefings, speakers have made it clear that the rising threat of cyber activities is the “new normal,” and Canada and NATO need to become better equipped to deal with this threat. The pipeline incident was just a glimpse of these groups’ potential and the severe consequences such attacks can have on states and the wellbeing of their citizens. In the past year alone, reports have revealed that Russian hackers have accessed Canadian COVID-19 data in an attempt to steal medical and vaccine related information. Beyond stealing information or accessing servers, external online influence campaigns, including targeted misinformation from foreign entities, can profoundly affect Canadians and emphasize societal issues. Recently evidence has surfaced supporting the conclusion that external campaigns targeted Canadian citizens to amplify COVID-19 anxieties and vaccination misinformation, resulting in enhanced societal dissent, confusion, and possible new waves of infection attributed to stalling inoculations.  

Misinformation and hacking are not unique to the pandemic environment;foreign campaigns have previously targeted western states to manipulate significant geopolitical events. Russia was found to have interfered in the U.S. 2016 election, amplifying conspiracy theories that the 2020 U.S presidential election was invalid, and  conducting influence campaigns in NATO member states to distort perceptions on migration and NATO operations. Canada itself was implicated when Canadian troops were presented as a covid threat in Latvia through a misinformation campaign.  Targeted misinformation attacks, though seemingly innocuous, have the power to destabilize states and create cleavages both internally between citizens and externally between allies. NATO may face splintering and fragmentation as cyber actors attempt to deepen divides between member states and cause friction. Canada is not special: just like our allies Canadians are also vulnerable. The Government of Canada’s 2020 National Cyber Threat Assessment claims that Canada is at severe risk for state-sponsored cyber threats and attacks. 

One of the biggest questions when discussing cybersecurity is not necessarily how to prevent cyber-attacks but what to do when they happen. NATO members operate under the premise of collective action; however retaliation to cyber-attacks is a puzzle within the alliance. The treaty was created prior to the inception of cyber warfare and only considers armed retaliation as legitimate, leading to debate over the classification of cyber-attacks. Even if classification was agreed upon, attribution remains a problem – it is near impossible to definitively trace a cyberattack to an actor, and therefore impossible to confidently react to an attack. For example, while the Colonial Pipeline attack was perpetrated by Russian hackers, the Russian government remains able to avoid responsibility for it. There is not  enough evidence to claim these hacking groups are state-sponsored or mandated, which eliminates the option of reacting to Russia directly; concurrently, states are unable to conduct counterstrike operations against lone wolves, leaving state actors vulnerable to attack without the possibility of retaliation. 

The alliance continuously attempts to adapt to modern warfare through its Cyber COE, best practice and information sharing principles among partners, and negotiation at the leadership level to incorporate cyber-attacks in Article 5 considerations. However, despite the positive steps that NATO has taken, the organization is limited in invoking Article 5 due to the nature of NATO consensus, and there is still a long way to go in terms of fully understanding the nature of modern warfare.

Parallel to the collective retaliatory efforts undertaken by NATO, individual states must build their cyber and defensive capabilities. Canada needs to continue the focus on cyber defence as an integral part of national security and invest in cyber capabilities. An attack on critical infrastructure, such as an electricity grid, could have devastating impacts from which Canada would struggle to recover. In addition, Canada should aim to educate its population in detecting misinformation and how to gain the tools needed to protect themselves against cyber-attacks. Without such tools, Canadians are susceptible to foreign influence and this vulnerability can be a liability itself to the security of Canada. 

Referring to the case of the Colonial Pipeline, the U.S. should consider itself lucky – no one died as a direct result of the incident; however, this won’t always be the case. As threats change, so too must Canada and NATO adapt their reaction to external threats in order to protect their citizens and critical infrastructure. To be sure, cyberwarfare is rife with uncertainties and questions; its complexity and ability to circumvent collective military responses will require all our combined skills and cooperation to combat, but it is a challenge NATO can handle with the right motivation and resources. From measures such as the Cyber Defense Pledge to the Cyber Rapid Reaction Teams, NATO understands that cyber-attacks may pose as great of a threat as physical warfare and recognizes that continuing with collective action and response is crucial for the defense of its members.  

Photo: Cybersecurity (2018), by Tumisu via Pixabay. Public Domain.

Disclaimer: Any views or opinions expressed in articles are solely those of the authors and do not necessarily represent the views of the NATO Association of Canada.

Danna Houssian
Danna is a Political Science MA student at Simon Fraser University. Her primary research interests are the politics of migration and refugees and, as a current student of the NATO Field School, international relations and defence. She enjoys hiking and exploring beautiful BC in her spare time.