Chinese-sponsored threat actors have “compromised” Canadian government networks and collected valuable intelligence over the past five years, according to a new report from Canada’s Cyber Espionage Agency.
The Communications Security Establishment, responsible for foreign signals intelligence, cyber operations and cybersecurity, released its updated national cyber threat assessment on Wednesday. The assessment highlights threats that the agency believes are the most urgent facing individuals and organizations in Canada.
“We’re often asked: What happens at night? Well, just pick a page,” Caroline Xavier, head of CSE, told a news conference in Ottawa.
CSE’s latest report, looking ahead to the 2025-2026 fiscal year, names the People’s Republic of China (PRC) as “the most comprehensive cybersecurity threat facing Canada today” and says the scale, capabilities and ambitions China online shows “coming second”. for no one.”
The report says Chinese state-sponsored actors are conducting repeated cyber espionage campaigns against federal, provincial, territorial, municipal and indigenous government networks in Canada.
“Cyber threat actors in the People’s Republic of China have compromised and maintained access to multiple government networks over the past five years, harvesting communications and other valuable intelligence,” CSE said.
At least 20 networks associated with Canadian government agencies and departments have been compromised by PRC cyber threat actors, the agency said.
“While all known federal government compromises have been resolved, it is highly likely that the actors responsible for these intrusions spent significant time and resources learning about the target networks,” the report said.
China is targeting government networks and officials to gain advantages in bilateral relations and trade between China and Canada, CSE said.
Russia, Iran and India are also mentioned
“For example, provincial and territorial governments are likely to be a high-value target as they have decision-making power over regional trade and commerce, including resource extraction (for example, energy and critical minerals),” the report says.
“The information collected is also likely to be used to support the People’s Republic of China’s malign influence and interference activities against Canada’s democratic processes and institutions.”
More than two years ago, parliamentarians’ National Security and Intelligence Committee warned that gaps in Ottawa’s cyber defenses could lead to government agencies obtaining large amounts of data on Canadians and companies that would be vulnerable to state-sponsored hackers.
The commission found that Crown companies and small government departments and agencies – defined as those with fewer than 500 staffers and annual budgets of less than $300 million – have not heeded calls to use specialized cyber defense sensors to protect their networks from attacks by the state-sponsored attacks. .
The committee recommended expanding CSE’s cyber defense umbrella to all federal entities – something that CSE has said is not happening yet.
Xavier would not say whether any of the compromised agencies and departments mentioned in Wednesday’s report were the ones not using CSE’s sensors.
“Yes, we are not going to comment on that,” she said.
China’s cyber power also extends to supporting Beijing’s goal of silencing activists, journalists and diaspora communities.
“The government of the People’s Republic of China is highly likely to use Chinese-owned technology platforms, some of which are likely to collaborate with the intelligence and security services of the People’s Republic of China, to facilitate transnational repression,” the report said.
Wednesday’s report does not mention any platforms.
The Canadian Security Intelligence Service (CSIS) has warned against the use of the wildly popular video app TikTok.
Former CSIS director David Vigneault told CBC in an interview that it is “very clear” from the app’s design that users’ data is “available to the Chinese government.”
CSE’s report also names Russia, Iran, North Korea and India as cyber adversaries.
Russian cyber threat actors, the report says, “are very likely to target the Canadian government, military, private sector and critical infrastructure networks.”
It also notes that as the relationship between Canada and India continues to deteriorate, India will likely turn its burgeoning cyber espionage program against Ottawa’s networks.
The already tense relationship took a nosedive in the past two weeks after Canada accused India of orchestrating a campaign of violence on Canadian soil, including killings and extortion.