A 15-year-old hacker with no motivation other than showing off could bring Canada to its knees, warns a high-ranking civil servant.

Margaret Purdy, associate deputy minister in the department of national defence, called on businesses last week to link arms with the federal government to help protect the country’s critical infrastructure. Speaking to the Calgary Chamber of Commerce, Purdy said terrorists, spies and rogue states not withstanding, it’s hackers who pose the greatest threat to the bonds that tie this country together — energy and utilities, communications, services, transportation, safety and government sectors.

“Hackers cost businesses $1.5 trillion US — I don’t know how many zeros that is — worldwide last year; that’s in lost revenue and that’s not taking into account lost consumer trust, lost clients, confidence in services being relied upon.”

The Internet is unstable, immature and was never meant to be secure, said Purdy. And with most people operating at e-speed and using the same software and tools, the problems are compounded.

Dave Olecko, Business Edge
Margaret Purdy said hackers cost businesses $1.5 trillion last year.

IT has revolutionized our lives and society and has altered the profile of our infrastructure which has become dependent on the Internet and consequently more interdependent and interconnected, she said.

“Is Canada’s critical infrastructure an attractive potential target for cyber attacks of either the amateur or the more professional variety? I say absolutely yes,” said Purdy whose responsibilities include the Office of Critical Infrastructure Protection and Emergency Preparedness created by Prime Minister Jean Chretien in February.

One of the office’s first acts was to become involved in the Quebec City summit, putting itself in the shoes of a teenage hacker to set up some “ground-breaking” cyber protection for the event.

Purdy was surprised there wasn’t more malicious activity in Quebec, but said it was a good dry-run for the expected G8 meeting next year in Ottawa.

Canada is vulnerable, she said, because we do not have a “map” of the critical infrastructure highlighting the key points, nor do we understand the inter-dependencies and there is no forum for sharing “best practices.”

The new office, located in the department of national defence, is a step to toward putting our house in order, said Purdy, warning that there isn’t a silver bullet.

She outlined a number of measures she will take including:

* Educating Canadians to become more security literate;

* Promoting cyber ethics among young people;

* Voluntary, yet credible security standards; and

* Fostering information sharing among all the sectors.

“Information is absolutely essential, but I’m going in with my eyes wide open knowing that sharing between the public and private sectors is going to be a challenge,” she said.

She urged businesses to become more security conscious, especially if they are in the sectors comprising critical infrastructure. “We (the government) only can be influential really in 10 per cent of the infrastructure. At the end of the day we can do very little in comparison to what the private sector must do.”