Detecting Foreign Interference

By year end, federally regulated financial institutions (#FRFI’s) are required by Office of the Superintendent of Financial Institutions Canada to develop or expand procedures that address a range of integrity and #security issues, including #foreigninterference. #OSFI expects FRFI's to apply the guideline on a risk basis, proportional to factors such as the #bank's or #insurer's:

• Ownership structure, including parent-subsidiary or home office-branch relationships and relationships with related parties and large shareholders

• Business arrangements, including joint ventures and strategic alliances

• Strategy and risk profile

• Scope, nature, and location of operations

Financial institutions must consider their susceptibility to undue influence, foreign interference, and malicious activity.

Foreign interference includes:

• Using a company or individual in Canada to conduct tasks for a foreign state

• Funding or supporting political parties or candidates at any level: municipal, provincial or federal

• Online and offline disinformation.

There is also a grey zone where otherwise legal activity becomes interference when a foreign state hides its funding, involvement or direction. This includes:

• Coordination with companies and individuals to pressure policy makers

• Payments to further a relationship

• Providing financial or other support to sympathetic community groups.

SOURCE: Canadian Security Intelligence Service

An individual can be:

• A target of foreign interference (e.g., unaware that a foreign state is supporting their political candidacy)

• An unwilling accomplice (e.g., threats made against family living abroad)

• A witting participant (e.g., taking direction from a foreign embassy).

Foreign interference attempts to exploit local vulnerabilities and narratives. The “battle of narratives” is often based on ethnic or religious cleavages, anti-western grievances and conspiracy theories. The number of online platforms for disinformation is amplifying, and there are more actors involved, using a plethora of different techniques to create and spread disinformation.

In addition to the usual suspects – Russia, Iran, China and North Korea – their allies and sympathetic states are also potential sources of interference. In Russia’s case alone, this includes at least two dozen allies and sympathizers across the globe.

Beyond that, private supporters and paid influencers who repost or generate propaganda can live anywhere. Many Balkan states’ residents worked for Russia during US presidential elections in the past ten years. Africa has been traced as the source of more recent campaigns.

Countries normally considered to be Canada’s allies have also engaged in foreign interference. India now outranks Russia in this activity in Canada. India’s efforts extend beyond countering perceived pro-Khalistani support in Canada to targeting Canadian politicians, ethnic media and Indo-Canadian ethnocultural communities. Pakistan has similarly targeted democratic institutions and processes.

Beyond foreign state actors, foreign individuals can interfere in Canada. The so-called “freedom convoy” was a prime example. When GoFundMe suspended the organizers’ crowdfunding campaign for breaching the terms of service, the fundraising shifted to GiveSendGo, which helped raise $8.7 million. Sympathizers with Stripe accounts set this up. Less than one-third (29%) of donors were Canadian. Over half (56%) were based in the USA; the rest included thousands of donations from overseas, including the UK, Australia, and Ireland. American software billionaire Thomas Siebel donated $90,000. GiveSendGo has hosted fundraisers for groups including the Proud Boys, QAnon influencers, and the families of jailed January 6 insurrectionists.

While Canada is still establishing its Foreign Influence Transparency Registry, similar systems already established by allies can indicate foreign entities that could also operate in Canada. Note that registered lobbyists at federal, provincial and municipal levels can be influenced by foreign entities.

Foreign interference is not limited to politics, government, or defence. In an era of growing global competition, when #supplychains, #infrastructure networks, and technological #innovation increasingly determine strategic advantage, Canadian businesses are often a target of foreign adversaries. The Business Council of Canada lists several examples:

• In April 2023, a pro-Russia hacker group engaged in a string of distributed denial-of-service attacks during the Ukrainian Prime Minister’s visit to Canada. The attacks caused the websites of major Canadian businesses in the #utilities, #transportation, and banking sectors to crash.

• Also in April 2023, Russian-backed hackers gained control over a Canadian natural gas distributor’s system. The Canadian Centre for Cyber Security said the hackers “had the potential to cause physical damage” to the distributors’ #pipeline network.

• In June 2022, a malicious actor with possible links to China deployed thousands of fake #socialmedia accounts to conduct a coordinated #disinformation campaign against a Canadian company developing a rare earth mine in northern Saskatchewan. Shortly after the miner announced its project, fake posts began targeting locals with false claims regarding the project’s environmental and labour record.

• In May 2022, a Russian-speaking cybercrime group disrupted the operations of a Canadian #aerospace company that was providing engineering and R&D services to the Canadian Armed Forces | Forces armées canadiennes.

IntelEdge works with USA-based Intelligent Decision Partners (IDP), which has conducted hundreds of projects in the areas of foreign interference and influence in both the private and public sectors.

IDP recently completed a project assessing almost a dozen individuals and companies to find any nexus to foreign companies, including Iran, North Korea, Russia, and China. The company assessments included discovering any known business deals, foreign ties, regulatory issues like US International Traffic in Arms Regulations (ITAR), overseas production capabilities, and supply chain linkages.

IDP has conducted deep background work on hundreds of political campaigns, analyzing lists of individual donors and donor organizations, then tracing those organizations to their identities. Findings have included:

• Determined several China state-sponsored ties. In one example, found a Chinese language media company wooing investors to donate to a candidate.

• Donors from the US sanctions list pouring money into the coffers of a political candidate.

• A campaign's social media team operating from Africa.

• In several races, individuals accepted funds from people registered with the federal government as foreign agents.

• Registered lobbyists with ties to overseas state-owned entities.

I invite concerned #compliance and #regulatory #executives at #financial institutions to contact IntelEdge to discuss the products designed specifically to address your new requirements under OSFI:

• Foreign Interference Detection – Identify stakeholder vulnerabilities

• Personal Character Checks – Deep background on Directors and Senior Managers

• Supplier Vulnerability Checks – Third-party risk management

• Risk-based Background Checks – Prospective and new employees and contractors

• Cyber Threat Assessment – Vulnerability scanning using enhanced web analytics.

Reach out to us today to find out more: ghammond@inteledge-osint.com