OTTAWA—An Ottawa fire revealed that one of the federal government’s most secret installations had an “extreme vulnerability” as it was being constructed — a back gate secured by only a simple padlock.

Ottawa fire crews responding to the blaze cut open the lock and swung open the gate to gain access to the new sprawling campus of Communications Security Establishment Canada.

In the wake of the fire, which caused only minor damage, officials at the ultra-secret agency responsible for electronic surveillance fretted that news of the easy-access would leak out.

And after the Star requested documents related to the incident, agency staff sought to clampdown on the release of all potential security shortfalls with dire warnings that any disclosures would leave the agency vulnerable to “attack.”

“Should this information be released it would confirm vulnerabilities in our system and could result in the inability to protect our classified buildings from attack from a hostile entity,” the note says.

That included details about the schedule of security patrols around the property, the names of CSEC employees, which are normally never released, the number of broken surveillance cameras, a missing red security badge and even the suggestion that the guards who prowl the property are all military or ex-military.

Yet in an administrative mistake, the agency provided all that information to the Star — highlighting the sensitive details but not deleting them from the documents provided under an access to information request.

Communications Security Establishment Canada is responsible for electronic surveillance and remains one the most secretive branches of the federal government even as it has dramatically expanded its staff and capabilities in the wake of the 9/11 terror attacks.

Around midnight on Nov. 9, 2013, a fire broke out on the roof of a building under construction as part of the massive development to relocate the headquarters of the CSEC to property shared with the existing head offices of the Canadian Security Intelligence Service.

At the time, the building, costing upwards of $800 million, was just months from completion. And security was tight on the site to ensure that its design and high-tech features remained a secret, and guard against bugging devices being sneaked onto the property.

Rather come through the front gate, where they were expected, Ottawa fire crews turned up a different entrance. Confronted with a gate secured only by a chain and lock, the firefighters cut the padlock to gain access.

The small fire — caused by cans of tar and a heater left on by contractors — was quickly extinguished.

After the Star sought more information about the incident, agency officials wanted to ensure that the ease of access to the back gate be kept secret.

“Revealing that there is nothing but a padlock protecting our gates creates an extreme vulnerability to the security of our building and our employees. Is not to be released anywhere throughout the document,” reads a briefing note accompanying the documents.

The note says that any information related to the building’s security is “classified” and could jeopardize the “safety and security” of operations.

“This includes the fact there was a lock cut and that is now missing,” the note says.

Agency spokesperson Ryan Foreman said Monday the fire occurred before the agency had taken possession of the building but said the security shortfall was fixed.

“Security concerns related to the gate used by the fire department to access the site were immediately addressed,” he said in an email.

Loading... Loading... Loading... Loading... Loading... Loading...

Foreman said that during construction, there were “significant” security measures in place, including 24-hour guard patrols and an extensive system of security cameras.

Now that the building is finished, the back gate is no longer used. “The gate in question was a construction access point which no longer exists,” Foreman said in an email.

The agency was concerned that other sensitive details be kept from public eyes as well, according to the internal note.

For example, the documents reveal that security cameras were inoperative on more than one occasion — as many as 11 were out for part of one day — and detail efforts by security staff to get them working again.

“Should this information be released to a hostile entity it could provide details of faulty security cameras and areas of vulnerability for entrance to the campus,” the briefing notes say.

The agency also wanted the names of its employees — who normally work in anonymity and are not included in public government directories — scrubbed from the record.

“If the names of CSE employees are released it creates potential for HUMINT (human intelligence) targeting which would interfere in CSE’s mandate to detect, prevent and suppress hostile activities,” the briefing note reads.

Yet the documents name several CSEC employees and in a few cases, provides their email address and telephone number.

Revelations that a red visitor pass has been missing since 2013 is a “security violation” since missing badges could allow a “hostile entity the means to recreate our building passes, therefore infiltrating our classified structure,” the note said.

Foreman said that many of the security issues outlined in the documents are no longer a concern.

“Given the passage of time . . . particularly the fact that our new facility is no longer a construction site, many of the sensitivities no longer exist,” Foreman said.

He said the Star was inadvertently sent an uncensored package of documents in response to the access to information request.