V2010ISU and the Canadian Cyber Incident Response Centre

The Canadian Cyber Incident Response Centre, or the CCIRC, is a group in Public Safety Canada that protects “Critical Infrastructure” against threats such as myself and other people who have no intention of hacking the Olympics. They first appeared on the scene when they did the takedown of the Enviro-Canada website that was first put up by the Yes Men. The fact that the CCIRC was caught lying about the site and claiming that The Yes Men were phishing proves that they are down with dirty tricks, and that they are another sleazy arm of the Harper government.

A while ago, we released the CSIS ITAC Threat Assessments for the Vancouver 2010 Winter Olympic Games, and they included information about how the CCIRC cleaned off malware on the VANOC and V2010ISU computers. This was rather boring stuff, and I wouldn’t have batted an eye at it if it wasn’t also cause for 2/3rds of all Canadian Internet Traffic to be sampled under the pretext of “Malware Analysis” by Bell Canada and the RCMP. CCIRC is obviously involved in something more interesting than mundane IT tasks and it’s important that we take a look at it.

The documents that we did manage to get show that the CCIRC were an understaffed team, and showed the roles the other members of Public Safety had when planning the IT security presence during the Olympics. The term Cyber is thrown around so often that it’s virtually meaningless, and it seems that CSIS was the lead agency looking to neutralize threats to National Security, with the CSE on defence, while the RCMP dealt with Criminal matters. This left CCIRC being the IT staff telling people to not download attachments.

None of this is super surprising, although it does indicate the grim reality that I do in fact have a CSIS file somewhere due to the fact that I was described by the JIG as a Threat to Critical Olympics Infrastructure, the very type that these people were trying to protect themselves from.

As usual, here’s the 19-page file. It’s rather dry, and contains a lot of definitions. I’m certain there’s something here, but I think lying about phishing is probably the most interesting thing the CCIRC has ever done so far.