We’ll likely never know all the details about the recent cyberattack against the B.C. government. But we deserve to know more than we do now, one month after the attack occurred, and five months before a provincial election in which the potential for foreign interference has been shown once again to be a very real threat.
Government officials revealed Friday that a “state or state-sponsored actor” was likely behind the attempts to breach provincial networks three times over the last month.
“The investigation of the incident is ongoing and we will continue to be as transparent as possible,” said Solicitor General Mike Farnworth.
The promise, though, came during a frustratingly vague press conference.
Who is this state actor? No comment. What did they try and do exactly? That’s classified. How did we stop them? Also classified. Did they steal any data? Nothing “sensitive,” say officials, though they repeated that specific term so often it left the impression it could be a totally different story for non-sensitive information.
B.C.’s head of the public service, Shannon Salter, gave a brief timeline of events but referred detailed questions to the Canadian Centre for Cyber Security. The centre said it “generally does not comment on specific cyber security incidents or possible threat actors” and referred questions back to British Columbia. That’s not transparency.
“Cybersecurity threats are, unfortunately, a constant reality of the modern world,” said Farnworth.
“That's why we put a priority and investments to ensure our systems are secure.”
B.C. spends $28 million annually on cybersecurity, and in 2022 dedicated $50.8 million to upgrade its capabilities. Government officials argue that helped mitigate the attacks by the unknown “threat actor” over the last month. But exactly how, even in general terms, they would not say for fear of tipping off the hackers as to our defensive capabilities.
Nobody wants to help the hackers. But surely the British Columbia public could get a bit more information. How else are we to have confidence that the government is acting in an appropriate way to safeguard the reams of sensitive personal information it holds on our behalf if we can’t even get a basic explanation as to what the threats are and how we are responding?
The situation is even more complicated now by the involvement of some sort of foreign government.
Canada is in the middle of wrestling with that very issue, after an interim report by a federal public inquiry last week found evidence of foreign interference in at least the last two federal elections.
At least one federal riding in B.C. was targeted by China to the point it could have changed the outcome of the election in Steveston—Richmond East, according to the preliminary report from the public inquiry.
There’s no reason to believe our provincial election will be any less of a target. If another country is conducting cyberattacks on B.C. government networks on the eve of that election, the British Columbia public has a right to know what the evidence says before they go to the polls on Oct. 19.
Ottawa last week introduced new legislation to tackle foreign interference in a variety of different ways. In British Columbia, BC United MLA Todd Stone introduced a private member’s bill last week that he said would ban foreign-funded individuals and organizations from disseminating false or misleading information during elections, as well as ban election contributions from, and collaboration with, foreign-related entities.
“This bill modernizes and strengthens our laws to better counteract foreign influences in our political and educational systems,” said Stone.
Yet the NDP government intends to let the bill die on the order paper without offering anything in return on this critical issue during the last week of the spring session.
“When the investigation is done, there will be a full review of what's taken place and lessons learned and we will be able to provide more information to the public,” said Farnworth.
That’s too little, too late. With an election looming, the stakes are too high to sit around for some sort of navel-gazing exercise completed years from now.
The BC NDP is not to blame for the cyberattacks occurring. But they will be to blame soon if they keep letting the risk-averse lawyers, security analysts and bureaucrats call the shots by throttling the flow of public information.
We elect politicians to lead. They take the best advice of the experts, weigh the risks and make decisions in the public’s best interests.
In this case, the best interests of our province — after a cyberattack involving a foreign government, on the eve of an election in a country that’s being targeted by foreign interference — is to release much more information about what’s happened and who is responsible. Immediately.
Rob Shaw has spent more than 16 years covering B.C. politics, now reporting for CHEK News and writing for Glacier Media. He is the co-author of the national bestselling book A Matter of Confidence, host of the weekly podcast Political Capital, and a regular guest on CBC Radio.