China has compromised government networks, stealing valuable info: Canadian cyber spies

According to a new report from Canada’s cyber spy agency, threat agents backed by China have "compromised" government networks over the past five years, gathering valuable information.

The Communications Security Establishment (CSE), which oversees foreign signals intelligence, cyber operations, and cyber security, released its updated national cyber threat assessment on Wednesday. This report highlights what the agency considers the most significant cyber threats facing individuals and organizations in Canada.

Looking ahead to the 2025-2026 fiscal year, the report identifies the People’s Republic of China (PRC) as "the most comprehensive cyber security threat facing Canada today," stating that its scale, tradecraft, and ambitions in cyberspace are "second to none."

The report details troubling successes of these cyber activities.

According to the Canadian intelligence agency, state-sponsored actors consistently engage in cyber espionage campaigns targeting federal, provincial, territorial, municipal, and Indigenous government networks in Canada.

"PRC cyber threat actors have compromised and maintained access to multiple government networks over the past five years, collecting communications and other valuable information," stated the CSE. The agency noted that at least 20 networks linked to Canadian government agencies and departments have been breached by PRC cyber-threat actors.

"While all known federal government compromises have been resolved, it is very likely that the actors responsible for these intrusions dedicated significant time and resources to learn about the target networks," the report explains.

China targets government networks and public officials in an effort to gain leverage in China-Canada bilateral relations and commercial matters, according to the CSE.

"For instance, provincial and territorial governments are likely a valuable target given that they have decision-making power over regional trade and commerce, including resource extraction (e.g., energy and critical minerals)," the report adds.

"The information collected is also likely used to support the PRC's malign influence and interference activities against Canada's democratic processes and institutions."

The report further indicates that China’s cyber capabilities also aid Beijing's objective of silencing activists, journalists, and diaspora communities.

"The PRC government very likely leverages Chinese-owned technology platforms, some of which likely cooperate with the PRC's intelligence and security services, to facilitate transnational repression," the report states.

The report does not specify which platforms are involved.

Previously, the Canadian Security Intelligence Service (CSIS) has cautioned against using the widely popular video app TikTok. Former director David Vigneault told CBC in an interview that it is "very clear" from the app's design that data collected from its users "is available to the government of China."

CSE's report also identifies Russia, Iran, North Korea, and India as cyber adversaries.

Russian cyber threat actors, the report notes, "are very likely targeting the Canadian government, military, private sector, and critical infrastructure networks."

Additionally, it mentions that as Canada’s relationship with India continues to deteriorate, India is likely to direct its growing cyber capabilities against Ottawa's networks for espionage.

The already strained relationship has worsened in the past two weeks after Canada accused India of orchestrating a campaign of violence on Canadian soil, including murders and extortion.