At least 20 Canadian government networks have been compromised by Chinese state-sponsored threat actors, who have maintained access over the past four years to steal valuable data.

The Canadian Cyber ​​Security Center (Cyber ​​Centre) confirmed the compromises within it National Cyber ​​Threat Assessment 2025-2026.

The cyber center noted that threat actors targeted information to advance the strategic, economic and diplomatic interests of the Chinese Communist Party (CCP).and give them an edge in China-Canada bilateral relations and trade matters.

In addition to espionage, the data collected is likely used to support the influence and malign interference activities of the People’s Republic of China (PRC) against Canadian democratic processes and institutions.

Attackers are believed to have devoted significant time and resources to learning about target networks.

All known federal government compromises have been resolved, the Cyber ​​Center confirmed.

The report described the PRC as “the most sophisticated and active cyber threat to Canada.”

It highlighted espionage attacks against Canada’s private sector, academia, supply chains and government-affiliated research and development (R&D).

The federal government said it was highly likely that PRC actors stole commercially sensitive data from Canadian firms and institutions.

The cyber center has also observed Chinese state-sponsored hackers targeting individuals, particularly politicians, activists, journalists and diaspora communities that the PRC considers security threats.

Tactics used against such individuals include spear phishing and spyware to monitor and harass these individuals online.

India accused of plotting attacks against Canada

In addition to China’s increasing state-sponsored attacks, Russia, IRAN and north koreathe report identified India as an emerging cyber threat to Canada.

The cyber center assessed that the growing geopolitical tensions between Canada and India will provoke Indian state-sponsored attacks against Canadian government networks.

These tensions include allegations that the Indian government is using cyber technology to target Sikh separatists in Canada.

“India’s leadership almost certainly aspires to build a modernized cyber program with domestic cyber capabilities. India is very likely using its cyber program to advance its national security imperatives, including espionage, counter-terrorism, and the country’s efforts to promote its global standing and counter narratives against India and the Indian government,” the report said.

It is believed that India’s cyber program is likely to use commercial cyber providers to improve its operations.

Increase in volume and severity of attacks

In a foreword to the report, Canada’s Minister of National Defense Bill Blair described a “sharp increase” in both the number and severity of cyber incidents in Canada over the past two years, many of which target critical services.

The report highlighted how state-sponsored cyber operations against Canada extend beyond espionage to disruptive attacks, including denial of service, data deletion or leakage, and manipulation of industrial control systems.

As in the US, state actors are “pre-positioning” themselves in Canada’s critical infrastructure networks for possible disruptive or destructive cyber operations.

“We assess that our adversaries consider it highly likely that civilian critical infrastructure is a legitimate target for cyber sabotage in the event of a military conflict,” the Cyber ​​Center wrote.

Read now: CISA warns critical infrastructure leaders about Volt Typhoon