sa¹ú¼Ê´«Ã½

Skip to content
Join our Newsletter

State adversaries getting 'bolder' in cyberspace, Canadian threat forecast warns

OTTAWA — A new federal threat forecast warns that foreign adversaries are becoming bolder and more aggressive with their tactics in cyberspace.
d44b0721d9b74d04528a481ff85b02c89f081341403b8a7e03e9ded74dd41409
The Communications Security Establishment sa¹ú¼Ê´«Ã½ (CSEC) complex is pictured in Ottawa, Oct. 15, 2013. THE CANADIAN PRESS/Sean Kilpatrick

OTTAWA — A new federal threat forecast warns that foreign adversaries are becoming bolder and more aggressive with their tactics in cyberspace.

The 2025-26 forecast from the Canadian Centre for Cyber Security says state-sponsored cyberthreat actors are almost certainly combining disruptive computer network attacks with online information campaigns to shape public opinion.

The report says these opponents linked to foreign states are also very likely targeting critical infrastructure networks in sa¹ú¼Ê´«Ã½ and allied countries to prepare for possible future disruptive or destructive online attacks.

The centre says China's expansive and aggressive program presents the most sophisticated and active state cyberthreat to sa¹ú¼Ê´«Ã½ today.

The report notes that over the last four years, at least 20 networks associated with federal agencies and departments have been compromised by Chinese cyberthreat actors.

It adds that while all known federal compromises have been resolved, it is likely the attackers dedicated significant time and resources to learn about the target networks.

Among the other judgments in the report:

— sa¹ú¼Ê´«Ã½ is very likely a valuable espionage target for Russian state-sponsored cyber threat actors, including through supply chain compromises, given sa¹ú¼Ê´«Ã½’s membership in the North Atlantic Treaty Organization, support for Ukraine against Russian aggression and presence in the Arctic;

— Iran's increasing willingness to conduct disruptive cyberattacks beyond the Middle East and its persistent efforts to track and monitor regime opponents through cyberspace present a growing cybersecurity challenge for sa¹ú¼Ê´«Ã½ and its allies;

— Indian state-sponsored actors likely conduct cyberthreat activity against federal networks for the purpose of espionage;

— the "cybercrime-as-a-service" model is underpinned by flourishing online marketplaces where people sell stolen and leaked data and ready-to-use malicious tools to other cybercriminals; and

— ransomware is the top cybercrime threat facing sa¹ú¼Ê´«Ã½'s critical infrastructure, and in the next two years perpetrators are expected to escalate their extortion tactics and refine their capabilities to increase pressure on victims to pay ransoms.

This report by The Canadian Press was first published Oct. 30, 2024.

Jim Bronskill, The Canadian Press