After several high-profile investigations into Anonymous failed to net results, the Royal Canadian Mounted Police are looking to set up a cyber crime team in Ottawa that will tackle online threats to Canada's "political, economic, and social integrity."
The RCMP Action Plan to Combat Cybercrime was unveiled Wednesday, and lays out the federal police force's plans for the next four years. In discussing the plan, the police force's lead agent on cybercrimes insisted that while there may be no public movement on the investigation into Anonymous hackers, he suggested that work is ongoing.
The action plan says the force will be acquiring new gear to house and analyze data, setting up better relationships with international policing agencies to catch cybercriminals worldwide, and improve its recruiting efforts to get more technology-minded recruits on the force.
One of the goals under the plan is to set up a cybercrime team, based in Ottawa, tasked to "investigate the most significant threats to Canada's political, economic, and social integrity that would negatively affect Canada's reputation and economy."
The team "will have the capacity to target cyber-related criminal activity targeting the federal government, national critical infrastructure, and key business assets."
The government has had a spotty record on that front so far, with government departments frequently finding themselves the victims of phishing and malware schemes.
Ottawa has also had problems with hackers and leakers targeting the federal government. For years, hackers have run Direct Denial of Service (DDoS) attacks against government websites, often in retaliation for government legislation. Earlier this year, a hacker got their hands on documents pertaining to the technology infrastructure at the Canadian Security Intelligence Service's foreign bureaus.
While the RCMP have vowed to catch those responsible, no arrests have been made. The new cybercrime team, which will be fully operational by 2020 but which will begin getting set up before the end of 2015, appears to be part of the plan to remedy that.
"The team will enhance the RCMP's ability to combat cybercrime-related offences where technology plays an integral role, such as investigating the unauthorized use of computers, mischief in relation to data, or the possession of a device to commit unauthorized computer use or data mischief," the plan reads.
Asked about the RCMP's failure to produce arrests thus far on the high-profile instances of hacking and DDoS attacks — specifically when it comes to Anonymous — Jeff Adam, Chief Superintendent with Royal Canadian Mounted Police, suggested that those cases were far from cold.
"Insofar as the apparent, as you say, lack of outcomes," Adam said on a conference call unveiling the plan. "Cybercrime investigations, starting off, can involve encryption, the darknet, multinational jurisdictions — and, many times, many different national jurisdictions — and it is a complex and time-consuming task to both identify, gather the evidence on, and to bring those people into the realm of justice.
"And while there might not be, apparently, anything happening, this is not as simple as catching the car speeding down the street," Adam continued. "This is infinitely more complex and requires a whole new way of doing business."
Police agencies worldwide have highlighted their concern with encryption and the dark web, with some — like the director of the CIA — even suggesting that encryption has acted as a barrier to stopping attacks like the November assault on Paris.
RCMP Commissioner Bob Paulson hinted towards his frustration with encryption at a security conference in November.
"It's a very difficult proposition to bring traditional criminal justice strategies to bear in a place where anonymity is protected," he said, but he also noted that fighting encryption shouldn't be the "Holy Grail" for policing, and that it may not be their place to advocate for new legislation to combat anonymity online.
"We're chasing the wrong Holy Grail. I am all for new legislation, I am all for warrantless access to subscriber info," Paulson said.
He offered a sort-of compromise.
"So my proposition is to chase down the laws where we can, where they are consistent with Canadian values and the Charter of Rights and Freedoms, and make sure we have a sensible framework in which we can access subscriber information, but also to engage people, you people, in the discussion around keeping our citizens safe in this new world that we're building," Paulson said.
But encryption activists believe the cryptographic practise, which allows for senders or holders of online information to protect their networks from prying eyes, is the last frontier of an open and safe internet.
"The intelligence services of the world claim that encryption is a problem," said Jacob Appelbaum at the recent World Forum for Democracy conference. Appelbaum is a leading technologist with the Tor project and a Wikileaks volunteer who believes encryption wasn't to blame for the Paris attacks.
"But the evidence has come out that, in fact, the attacks in Paris were perpetrated by people who used credit cards in their real name, who used unencrypted text messages to say things like 'let's go.'"
The RCMP had its powers to request Canadians' subscriber information slapped down by the Supreme Court in 2014 after it was ruled unconstitutional.
When pushed on the question of new legislation, Adam said that the RCMP won't be pushing for new laws or powers, per se — "'advocating' would be a little bit of a strong of a word," he said — but that he would be happy to give advice to the new government. He further underlined that warrantless access would be a useful tool.
The new Liberal government has not indicated that they're looking to give the RCMP any new powers to surveil Canadians online, or to break encryption.
Follow Justin Ling on Twitter: @Justin_Ling