Public Report 2014-2016

Public Report 2014-2016Public Report 2014-2016

Director's message - Transcript/Captions

As the Director of CSIS, I am pleased to launch our Public Report and to talk to you about some of the key trends affecting our country’s national security.  It should come as no surprise that terrorism and violent extremism remained the most immediate threat to Canada’s national security during the period covered by this report, and represented our top priority.

The number of terrorism-related threats, the speed at which they evolve, and the use of technology and social media, has created some very real and complicated challenges for the Service.

Daesh, in particular, has developed a robust social media presence, allowing it to successfully recruit thousands of individuals, including Canadians, to travel to Syria and Iraq.

These extremists also pose a potential threat if they return to Canada. For instance, they may radicalize others, help with logistics and financing for those who may want to travel abroad, or engage in attack planning here in Canada.  Terrorism is a global threat and we are not immune from its reach.

We don’t need to look too far back to remember the attacks in Saint-Jean-sur-Richelieu and Ottawa in 2014 and at an armed forces recruiting centre in Toronto in early 2016. There was also the incident in Strathroy, Ontario during the summer of 2016 where police intervention prevented a terrorism suspect from carrying out an attack. These instances demonstrate yet again how the path to radicalization often ends tragically.

Eleven Canadians abroad have also been killed by attacks in Indonesia, Burkina Faso, Somalia, the Philippines, and Jordan.  These sobering events serve as a stark reminder of the threat we are facing.

While terrorism is the current focus of our operational activities, it is by no means the only security threat we investigate. The Service also investigates espionage, the proliferation of weapons of mass destruction, and cyber threats.

Our country continues to be the target of malicious cyber-attacks by foreign actors, which can have long term economic impacts on our security.

Furthermore, a number of states continue to engage in foreign interference and traditional espionage as they attempt to gather sensitive information in Canada.

Our successful technology sector is consistently targeted for illicit procurement by those pursuing advanced technology.

This includes those who would use that information to develop weapons of mass destruction.

Publically discussing the nature of our work can be difficult.  Balancing transparency and accountability with our operational requirements is an ongoing effort that we respect and take seriously.   We recognize that having an informed public debate is essential to ensuring public confidence in our activities, which in turn, helps us to protect our country.

This is one reason why we support the Government’s commitment to conduct consultations on national security issues, including the recent legislative changes to our authorities. Moreover, CSIS recognizes the importance of openness and transparency with the Federal Court and is working closely with the Department of Justice to ensure we meet our obligations. We are also committed to supporting the work of the proposed National Security and Intelligence Committee of Parliamentarians.

The people of CSIS are dedicated to the protection of Canada’s national security interests and the safety of Canadians. We are continually reassessing our methods of operation so that we can effectively respond to this dynamic and complex security environment.  At the same time, Canadians can rest assured that we undertake this work with the utmost respect for the fundamental rights and freedoms that we seek to protect.

Thank you.

The principal terrorist threat to Canada remains that posed by violent extremists who could be inspired to carry out an attack in Canada. Violent extremist ideologies espoused by terrorist groups like Daesh and Al Qaeda (AQ) continue to appeal to certain individuals in Canada.

Infographic: A terrorism timeline of incidents involving Canadians between October 20, 2014 and September 30, 2016. Long description below.

Long description of infographic: Terrorism timeline

Read more about terrorism

2016 Public Report on the Terrorist Threat to CanadaThe principal terrorist threat to Canada remains that posed by violent extremists who could be inspired to carry out an attack in Canada. Violent extremist ideologies espoused by terrorist groups like Daesh and Al Qaeda (AQ) continue to appeal to certain individuals in Canada.

As in recent years, the Government of Canada has continued to monitor and respond to the threat of extremist travellers, that is, individuals who are suspected of travelling abroad to engage in terrorism-related activity. The phenomenon of extremist travellers—including those abroad, those who return, and even those prevented from travelling—poses a range of security concerns for Canada. As of the end of 2016, the Government was aware of approximately 180 individuals with a nexus to Canada who were abroad and who were suspected of engaging in terrorism-related activities. The Government was also aware of a further 60 extremist travellers who had returned to Canada.

The threat environment has also evolved beyond Canada’s borders. Daesh has continued to dominate the landscape in the Middle East, where other terrorist groups such as Jabhat al-Nusra and Hizballah also operate. Elsewhere in the Middle East, Al Qaeda in the Arabian Peninsula (AQAP) has taken advantage of the civil conflict in Yemen to capture territory there and strengthen itself. In addition, 2016 saw Daesh’s expansion in Africa, and Boko Haram (now rebranded as a Daesh affiliate in West Africa) continues to pose a major threat to regional stability. In South and Southeast Asia, Daesh expansionism and entrenched regional groups shaped the threat environment.

Canadians and Canadian interests are also affected. Canadian Armed Forces (CAF) personnel, government officials and private citizens are under constant threat in certain regions. In September 2015, two Canadians were kidnapped in the Philippines. Both were killed by their captors in the spring of 2016. In January 2016, an AQ-affiliated group based in Mali attacked a hotel in Burkina Faso, killing six Canadians. That same month, attackers linked to Daesh targeted a coffee shop in Jakarta, Indonesia, killing one Canadian. In June 2016, a Somali government minister with Canadian citizenship was killed in an Al-Shabaab terrorist attack on a hotel in Mogadishu, Somalia. Also in June, 15 Nepalese security guards who protected the Embassy of Canada to Afghanistan in Kabul were killed when terrorists targeted the bus that was transporting them to work.

International Cooperation

The international security environment continues to result in increased threats to Canada and its interests, both domestically and abroad. Ongoing conflicts in several regions of Africa, the Middle East, Asia, Eastern Europe and elsewhere show no signs of abating and continue to have serious national and international security implications. Worldwide incidents of terrorism, espionage, weapons proliferation, illegal migration, cyber-attacks and other acts targeting Canadians—directly or indirectly—remain ever present. Since the bulk of such threats originate from (or have a nexus to) regions beyond Canada’s borders, CSIS needs to be prepared and equipped to investigate the threat anywhere. 

Additionally, certain security threats continue to evolve. Over the past several years, the globalization of terrorism, fueled by elaborate online propaganda videos by extremist groups, has expanded the breadth of radicalization. In some instances, individuals influenced by extremist ideology and driven by a need to feed their sense of belonging have travelled (or attempted to travel) abroad to participate in terrorist activity. Others may continue to support their extremist ideology through training, fundraising, recruitment and attack planning within Canada. As the threat posed by ‘foreign fighters’ is international in scope, a global reach is an absolute necessity in efforts to track and thwart threats to Canada and its allies posed by such individuals.

Furthermore, while the international focus has been on countering terrorism, espionage threats remain ever present and have become far more complex due to continuing advancements in technology and the globalization of communications. On the cyber front, foreign governments and hackers continue to exploit the Internet and other means to target critical infrastructure and information systems of other countries.

Such threats cannot be countered in isolation, and CSIS must remain adaptable in order to keep abreast of developments in both the domestic and international spheres. Despite differences in mandate, structure or vision, security intelligence agencies around the globe are all faced with very similar priorities and challenges. To meet the Government of Canada’s priority intelligence requirements, CSIS maintains a well-established network of relationships with foreign agencies. In accordance with s.17(1)(b) of the CSIS Act, all such arrangements are authorized by the Minister of Public Safety and supported by the Minister of Foreign Affairs. These arrangements provide CSIS access to timely information linked to a number of threats and allow the Service (and, in turn, the Government of Canada) to obtain information which might otherwise not be available.

As of March 31, 2016, CSIS had established over 300 foreign arrangements in some 150 countries. Of those, 69 remain defined as ‘Dormant’ (due to a lack of need for engagement or exchanges for a period of one year or more), while nine remained defined as ‘Restricted’ due to concerns over the affected agencies’ respect for human rights or its reliability. The human rights reputations of foreign agencies with which CSIS engages is not something which the Service takes lightly. In order to mitigate potential risks of sharing information, CSIS regularly assesses its foreign relationships and reviews various government and non-government human rights reports for all countries with which the Service has implemented ministerially approved arrangements, always cognizant of the fact that our first responsibility is to the Canadian people and their safety. CSIS opposes in the strongest possible terms the mistreatment of any individual by a foreign agency. The Service must and does comply with Canada’s laws and legal obligations in sharing information with foreign entities, and expects the same from its foreign counterparts.

Terrorist Group Profiles

Cyber threats from hostile actors continue to evolve. State-sponsored entities and terrorists alike are using Computer Network Operations (CNO) directed against Canadian interests, both domestically and abroad. Canada remains both a target for malicious cyber activities, and a platform from which these hostile actors conduct CNO against entities in other countries.

Infographic: Graphic depicting Canadian sectors vulnerable to cyber threats. Long description below.

Long description of infographic: Canadian sectors at risk

Read more about the cyber threat

These state-sponsored and terrorist CNO actors are increasing in number, capability and aggression, and have access to a growing range of tools and techniques that they can employ to accomplish their mission. As these tools and techniques evolve and become more complex, so too do the challenges of detecting and attributing CNO.

Moreover, despite the fact that they originate in the virtual realm, the consequences of CNO can be very real. For example, in December 2015, a cyber-attack conducted against three Ukrainian power companies resulted in a power outage that left hundreds of thousands of people in the dark. The type of systems the actors exploited in this attack is used by energy companies worldwide. Should such destructive cyber-operations be targeted against similar systems in Canada, they could potentially affect any and all areas of its critical infrastructure.

Unfortunately, CNOs are not uncommon and agencies at all levels of government in Canada have faced this threat. The Government of Canada witnesses serious attempts to penetrate its networks on a daily basis.

CSIS is also aware of state-sponsored cyber-espionage and influence activities targeting the private sector in Canada and abroad. The targets of these attacks often fall within Canada’s advanced technology sector and throughout the critical infrastructure spectrum. Universities engaged in advanced research and development have also been subjected to CNO. In addition to stealing intellectual property, one of the objectives of state-sponsored CNO is to obtain information which will give their own companies a competitive edge over Canadian firms. This could impact investment or acquisition negotiations involving Canadian companies and the Government of Canada, and, in turn, lead to lost jobs, revenue, and market share. Ultimately, cyber-espionage negatively impacts Canada’s economy as a whole.

In responding to these threats, CSIS relies on specialized collection techniques to report on state-sponsored cyber-espionage or cyber-terrorism activity. For instance, by analyzing networks or malware behind CNOs, the Service can uncover clues that help identify the origins of the cyber-attacks (known as “attribution”).

The Service also maintains relationships with domestic and foreign agencies to provide the Government of Canada with the most up-to-date intelligence regarding the cyber threats facing Canada and who is behind them.

The CSIS Security Screening program represents one of the most visible of the Service’s operational sectors. It helps defend Canada and Canadians from threats to national security emanating from terrorism and extremism, espionage, and the proliferation of weapons of mass destruction. Security screening prevents persons who pose these threats from entering or obtaining status in Canada, or from obtaining access to sensitive sites, government assets or information. In addition, through its government screening program, CSIS assists the RCMP with the accreditation process for Canadians and foreign nationals seeking access to or participating in major events in Canada.

2014-2015 2015-2016

Note: Figures have been rounded
**Individuals claiming refugee status in Canada or at ports of entry

Infographic: Statistics on the security screening program at CSIS for the 2014-2015 and 2015-2016 fiscal years. Long description below. Infographic: Security screening statistics for the Toronto 2015 Pan Am/Parapan Am Games. Long description below.

Long description of infographic: Statistics from the security screening program

Long description of infographic: Statistics for the 2015 Pan Am Games

Read more about the CSIS Security Screening program

The CSIS Security Screening program also played a key role in achieving the Government of Canada’s goal to resettle 25,000 refugees from Syria by February 29, 2016. Between November 2015 and February 2016, CSIS conducted screening investigations on the applicants selected for resettlement in Canada. CSIS continues to work closely with the Canada Border Services Agency (CBSA) and Immigration, Refugees, and Citizenship Canada (IRCC) to provide timely security advice regarding permanent resident applicants who could represent a threat to Canada’s national security, while ensuring legitimate refugees are screened and resettled in a timely manner.

The people of CSIS are committed to ensuring a Service that is nimble, flexible and innovative, and takes responsible risks in the delivery of its mandate and in the pursuit of its strategic outcome.

As of March 31, 2016
Infographic: the make-up of CSIS workforce and awards received. Long description below.

Long description of infographic: Statistics related to CSIS' workforce and awards received

Recruiting the right talent to deliver on our mandate remains a key priority for the Service and the CSIS recruiting website, csiscareers.ca represents the cornerstone of our efforts. During 2014-2016, there were over 2 million hits to the site resulting in close to 90,000 applications being submitted.

Infographic: Statistics from csiscareers.ca and the total applications received during 2014-2015 and 2015-2016. Long description below. Visit the CSIS recruiting site(External link)

Long description of infographic: Statistics from the CSIS recruiting site

Read more about recruiting

The Service prioritizes a diverse workforce which allows us to better understand the demographics of the Canadian communities we protect, therefore better equipping us to collect relevant and accurate intelligence. Our recruiting team includes a diversity recruiter who liaises with a variety of community leaders across the country, and attends diversity job fairs and networking events in an effort to attract applicants from designated groups such as visible minorities, Aboriginal peoples and persons with disabilities.

In addition, a partnership has been established with Public Safety, the Royal Canadian Mounted Police (RCMP), Canada Border Services Agency (CBSA), Correctional Service Canada (CSC), Communication Security Establishment (CSE) and Department of National Defence to share best recruiting practices and hold joint initiatives.

The Academic Outreach (AO) program at CSIS seeks to promote conversations with experts from a variety of disciplines and cultural backgrounds working in universities, think tanks and other research institutions in Canada and abroad.

Infographic: Statistics related to the Academic Outreach program for 2014-2015 and 2015-2016. Long description below.

Long description of infographic: Academic Outreach statistics

Infographic: Academic Outreach publications from 2014-2016. Long description below. Political Stability in West and North Africa - Highlights from the Conference Pitfalls and Promises: Security Implications of a Post-revolutionary Middle East - Highlights from the Conference Russia and the West: The Consequences of Renewed Rivalry - Highlights from the Workshop Brittle Might? Testing China's    Success - Highlights from the Conference Foreign Fighters Phenomenon and Related Security  Trends in the Middle East - Highlights from the Workshop

Long description of infographic: Publications from Academic Outreach

Read more about Academic Outreach

In 2014-2015, AO hosted a conference that brought together multi-disciplinary experts from several countries. The conference was entitled “A Brave New World: Exploring the Evolving Nature of Cyber-conflict” and examined cyber threats facing Canada and its Western allies, our adversaries and their intent, as well as countermeasures that could help mitigate the proliferation of cyber conflict. In 2015-2016, we hosted another conference, “Brittle Might? Testing China’s Success”, which explored the challenges facing modern China, assessed the strengths and weaknesses of the country’s leadership, examined Beijing’s involvement in global affairs and debated China’s trajectory in the coming years.

The international conferences, however, represent only one component of the AO program. We also hosted a number of in-depth briefings on other topics of interest. For instance, one reviewed the global banking sector’s experience at identifying money laundering and terrorist financing activity. Another expert explored the phenomenon of radicalization in Western countries, while another guest specialist assessed the capabilities of Shia militias operating in Iraq and Syria.

During the period of review,  outside experts engaged CSIS staff on discussions covering a range of security and strategic issues, including Russia’s strategy towards the Arctic; the uses and limitations of ‘big data’ for intelligence analysis; Boko Haram’s campaign of violence in Nigeria; and the regional consequences of the conflict in Iraq and Syria on Lebanon.

The Security Intelligence Review Committee (SIRC) is an external independent review body that reports to Parliament on CSIS’ operations. It does so through its three core functions: certifying the CSIS Director’s annual report to the Minister of Public Safety, carrying out in-depth reviews of CSIS activities and conducting investigations into public complaints about CSIS. CSIS’ External Review and Liaison Unit (ER&L) manages the Service’s relationship with SIRC, ensuring that it receives all of the necessary information required to fulfil its mandate.

Infographic: Statistics related to SIRC reviews and complaints made to SIRC. Long description below.

Long description of infographic: SIRC reviews and complaints 2014-2015 and 2015-2016

Read more about Checks and Balances

Each year, SIRC provides a research plan identifying the reviews it plans to undertake. For each review, ER&L works closely with SIRC to ensure it has the documents it needs and to arrange briefings by CSIS employees. ER&L manages the correspondence between SIRC and the Service during a review as well as the Service’s response to the resulting report. These reviews, reflected in SIRC’s Annual Public Report, provide comprehensive assurance to Parliament and the Canadian public about the Service’s exercise of its authorities.

ER&L is also the primary point of contact for all stakeholders on public complaints made to SIRC and ensures that SIRC’s legal counsel has the information required for complaint investigations. When an investigation involves a hearing, ER&L assists Department of Justice legal counsel in preparing the CSIS case, including preparation of submissions, exhibits and arranging witnesses to testify at hearings.

ER&L coordinates CSIS responses to SIRC on questions, requests, recommendations, and correspondence. While CSIS is not required to accept all SIRC recommendations, they are reviewed carefully and CSIS responds in writing and these responses are reflected in SIRC’s Annual Report. In ensuring continuity and transparency, ER&L tracks progress and reports to SIRC on CSIS’ implementation of actions recommended by SIRC.

CSIS Internal Audit Branch / Disclosure of Wrongdoing and Reprisal Protection

The Internal Audit (IA) Branch is led by the Chief Audit Executive (CAE), who reports to the CSIS Director and to the CSIS External Audit Committee (AC). The IA Branch is subject to the Treasury Board Policy on Internal Audit, the Internal Auditing Standards for the Government of Canada as well as the International Standards for the Professional Practice of Internal Auditing.

The CAE provides assurance services to the Director, Senior Management and the AC, as well as independent, objective advice and guidance on the Service’s risk management practices, control framework, and governance processes. The CAE is also the Senior Officer for Disclosure of Wrongdoing.

The AC examines CSIS’ performance in the areas of risk management, control and governance processes relating to both operational activities and administrative services. By maintaining high standards in relation to its review function in particular following-up on the implementation of management action plans derived from audit recommendations, the AC supports and enhances the independence of the audit function.

In the capacity of Senior Officer for Disclosure of Wrongdoing, the CAE is responsible for administering the Internal Disclosure of Wrongdoing and Reprisal Protection Policy. The Policy provides a confidential mechanism for employees to come forward if they believe that serious wrongdoing has taken place. It also provides protection against reprisal when employees come forward, and ensures a fair and objective process for those against whom allegations are made.

The mandate of the Access to Information and Privacy (ATIP) Unit is to fulfill the Service’s obligations under the Access to Information Act and the Privacy Act. The Service’s Chief, ATIP is entrusted with the delegated authority from the Minister of Public Safety Canada to exercise and perform the duties of the Minister as head of the institution.

Infographic: ATIP statistics for the 2014-2015 and 2015-2016 fiscal years. Long description below.

Long description of infographic: ATIP statistics

Read more about Access to Information and Privacy

As the custodian of expertise related to the Service’s obligations under the Access to Information Act and the Privacy Act, the ATIP Unit processes all requests made under the relevant legislation and responds to informal requests for information. In doing so, the unit must balance the need for transparency and accountability in government institutions while ensuring the protection of the Service’s most sensitive information and assets.

The Financial Resources table below provides a snapshot of CSIS expenditures over the last 6 years (from 2010-2011 to 2015-2016).

Infographic: Bar graph of CSIS expenditures over the last six years. Long description below.

Long description of infographic: CSIS expenditures from 2010-2016

Read more about financial resources

Construction costs shown are for the expansion of CSIS National Headquarters. The construction of Phase III began in the summer of 2009 and the building was officially opened by the Minister of Public Safety in October 2011. Furthermore, in 2010-2011, new funding was announced for CSIS to address its most acute program integrity needs. This new funding commenced in 2010-2011 and has gradually increased each year until fully implemented in year 2014-2015.

Despite receiving a vote of confidence from the Government in the form of program integrity funding, CSIS has not been immune to Government-wide cost saving measures. CSIS' funding was reduced by $24.5M through the Deficit Reduction Action Plan (DRAP) announced in 2012.

CSIS received funding in 2015-2016 as part of the Government of Canada's initiative to continue to build and renew infrastructure across Canada. In addition, Budget 2015 announced funding to enhance national security, which commenced in 2015-2016.

Date modified: