Hackers Wanted: Canadian Intelligence Service is Hiring

Canadian Security Intelligence Service (CSIS) has opened a vacancy for what is thought by some to essentially be a hacker. The job description for Network Exploitation Analyst was published on the Canadian Government website.

According to the published vacancy, the applicant will be tasked with "conducting technical analysis of technical artifacts using reverse engineering and forensics", as well as to "design, architect and implement systems to support cyber investigative activities".

The applicant is expected to be experienced with programing languages, including not only C/C++, but also PHP, Python and shell scripting. The applicant must also be experienced with everything network-related: virtual private networks (VPN), firewalls, network protocols and hardware infrastructure.

There are several options regarding the applicant's education, depending on their level and Canadian Intelligence demands a varying amount of work experience.

CSIS is Ottawa's intelligence service tasked with fighting real and virtual threats to the national security of Canada, including — it is assumed — gathering information and conducting secret operations both on Canadian soil and abroad. When faced with high-tech issues, it routinely relies on its Communication Security Establishment (CSE), according to The Star.

The CSE is tasked with gathering intelligence abroad and is forbidden to spy on Canadians at home, but is allowed to assist intelligence and law enforcement on Canadian soil.

While proponents say CSIS needs in-house hackers to better do its job of countering threats to the national security of Canada, opponents warn that there is too much uncertainty and obscurity regarding what, precisely, the service can and cannot do.

"While (Liberal national security bill) C-59 placed some limits and provided some clarity on what those disruption powers would entail, the prospect of CSIS hacking in any form should give everyone pause, especially because there is still a lot of uncertainty around what that mandate would allow", noted Ronald Deibert, the director of Citizen Lab at the University of Toronto's Munk School of Global Affairs.

"Practically speaking, CSIS hacking could include computer network interference in a foreign election process, compromising the integrity of important digital tools that Canadians rely on for everyday privacy and security, creating fake online personas and using them to spread disinformation and more", Deibert said, cited by The Star

Bill C-59, introduced in 2017 by Public Safety Minister Ralph Goodale, has not yet become law. C-59 sets parameters for how the spy agency can access, collect, and analyse "publicly-available data" in its investigations, but critics say the limit of its powers in the document are too vaguely defined and overly broad.

According to CSIS spokesman John Townsend, Bill C-59 also gives the agency "clear legislative authority" to collect and analyse information not "directly or immediately" related to national security threats.