China-Sponsored Cyber Espionage Targets Canadian Government Networks, CSE Report Warns

In a concerning revelation, Canada’s cyber intelligence agency, the Communications Security Establishment (CSE), has disclosed that China-backed hackers have compromised government networks over the past five years, gathering valuable information. This alarming trend is highlighted in CSE’s updated national cyber threat assessment, which emphasizes the growing sophistication and scale of foreign cyber threats targeting Canada.

Released on Wednesday, the report points to China as the “most comprehensive cyber security threat” currently facing Canada. “The People’s Republic of China (PRC) demonstrates an unparalleled level of tradecraft, ambition, and persistence in its cyber operations,” the report warns. These cyber espionage activities have repeatedly targeted federal, provincial, territorial, and municipal government networks, posing a significant risk to Canada’s digital infrastructure.

According to the CSE, China’s state-sponsored cyber actors have breached and maintained access to more than 20 Canadian government networks, including federal agencies, departments, and provincial entities. These intrusions allowed Chinese hackers to collect sensitive communications and other critical data, which could be used to gain leverage in diplomatic and commercial dealings between Canada and China.

Caroline Xavier, CSE’s chief, spoke about the gravity of these threats during a news conference in Ottawa. “What keeps us up at night? Just pick a page from the report,” she said, underscoring the pervasive nature of these cyber attacks.

The report suggests that the targeted information may aid China’s influence campaigns, particularly in areas related to trade and resource extraction, where provincial governments hold significant decision-making power. “Provincial and territorial governments are prime targets due to their authority over regional trade and industries like energy and critical minerals,” the report notes.

The CSE’s findings come on the heels of a 2021 report from the National Security and Intelligence Committee of Parliamentarians, which warned about weaknesses in Canada’s cyber defences. The committee highlighted that smaller government agencies and Crown corporations, many of which have not adopted CSE’s advanced cyber defence measures, remain vulnerable to state-sponsored attacks.

Despite these warnings, CSE has not yet extended its cyber defence protection to all federal entities, leaving gaps in Canada’s security. “We are not going to comment on the specific agencies compromised,” said Xavier, in response to questions about the vulnerabilities in smaller government departments.

The report also raises concerns about China’s use of stolen information to interfere with Canada’s democratic processes and institutions. By infiltrating government networks, China could manipulate bilateral relations and gain advantages in trade negotiations, potentially undermining Canada’s sovereignty.

As cyber threats evolve, the CSE warns that state-sponsored cyber espionage will remain a significant challenge for Canada through the 2025-2026 fiscal year. The agency urges enhanced cybersecurity measures to protect against these ongoing threats, particularly as China continues to refine its cyber espionage capabilities.

In conclusion, Canada must remain vigilant as China intensifies its cyber operations, targeting both governmental and commercial sectors. Strengthening cybersecurity across all levels of government is essential to safeguarding Canada’s national interests and democratic processes.