One of Canada’s former top spies says that insider threats are one of the country’s biggest national security threats following three high-profile incidents.
“An insider threat, whether it’s a leaker or a spy — a spy from the inside — is unquestionably the most serious threat to national security,” former CSIS executive manager Dan Stanton told Mercedes Stephenson on The West Block.
“These are individuals that progress from low-risk to potential to do some leakage to becoming a high-risk where they actually act on these impulses and these plans. And it’s a very serious threat.”
Earlier this month, former RCMP intelligence official Cameron Ortis was sentenced to 14 years in prison for attempting to sell top-secret information to police targets. He will spend seven years in prison with credit for time served during his trial.
This was the first conviction under Canada’s Security of Information Act.
Less than a week after Ortis was sentenced, an RCMP frontline officer in Alberta was arrested and charged for allegedly accessing protected police record systems to help a foreign actor.
Get the latest National news.
Sent to your email, every day.
Earlier this week, Global News reported a former employee of Ontario Power Generation, the Crown corporation that operates the province’s nuclear plants, has been charged under the Security of Information Act after allegedly leaking “safeguarded information” online.
Stanton says that there can be warning signs ahead of a leak of sensitive information, but the red flags are often overlooked.
“What makes someone leak? What you do is you look at the predispositions of people. You look at how people cope with stress. You look at these external triggers going on in their life professionally, personally. And so, there’s a continuum really from low, medium to high-risk that they’re then going to leak,” Stanton explained.
“Most organizations don’t respond to these red flags… They don’t really get engaged. And they only learn about the high-risk insider threats when they’ve already crossed the line and done damage.”
Stanton said some warning signs can include a break in routine and emotional or personal issues brought on by stress from financial or relationship challenges.
“It’s really important for someone that may actually be high risk to leak, that the organization is able to intervene and mitigate before it becomes a disaster,” Stanton said.
The U.S. Cybersecurity and Infrastructure Security Agency defines insider threat as “the threat that an insider will use their authorized access, intentionally or unintentionally, to do harm to the department’s mission, resources, personnel, facilities, information, equipment, networks, or systems”
The risks they can pose to organizations can range from violence, espionage, sabotage, theft and cyber acts, the agency says.
A notice from the Canadian Forces in 2023 warned that insider threats can come from motivations such as money, ideologies and work dissatisfaction.
Such actors, the memo warned, “could devastate the DND/CAF organization’s assets and finances, compromise the information holdings, and damage Canada’s international reputation.”
© 2024 Global News, a division of Corus Entertainment Inc.