Advertisement

China ‘pre-positioning’ in U.S. networks for a potential conflict: Canadian agency

Click to play video: 'India is ‘emerging threat’ to Canada’s cyber security: report'
India is ‘emerging threat’ to Canada’s cyber security: report
WATCH: Though China, Russia and Iran remain Canada’s “greatest strategic cyber threats,” India has been identified as an additional “emerging threat actor,” according to a new assessment by the Canadian Centre for Cyber Security (CCCS) and the Communications Security Establishment (CSE).

Beijing-linked hackers are “very likely” finding their way into U.S. critical infrastructure networks to “pre-position” for a potential conflict with America, according to Canada’s cyber intelligence agency.

The Communications Security Establishment (CSE) said the People’s Republic of China (PRC) is likely integrating cyber operations into its military planning “to gain an advantage … in the event of a major crisis or conflict with the U.S.” The “pre-positioning” refers to gaining access to networks in order to exploit them if the need arises.

Because of Canada’s connection to critical infrastructure networks in the U.S. — such as the transportation, energy and telecommunications sectors — CSE warned in their annual cyber threat report that the alleged compromises are a threat to Canada, too.

“According to U.S. officials, the PRC’s operation is designed to slow the U.S. military’s response and to sow societal panic” in the event of conflict, the report suggested.

Story continues below advertisement

“While the focus of future PRC cyber warfare operations will likely be concentrated on the U.S., disruptive or destructive cyber threat activity against integrated North American critical infrastructure … would likely affect Canada as well due to cross-border interoperability and interdependence.”

Click to play video: 'Microsoft report finds China, North Korea ‘likely’ to try to interfere in U.S. elections'
Microsoft report finds China, North Korea ‘likely’ to try to interfere in U.S. elections

Allegations that hostile nations are “pre-positioning” themselves in Canadian or allied computer networks are not new, and CSE has spoken publicly about the threat in the past.

For news impacting Canada and around the world, sign up for breaking news alerts delivered directly to you when they happen.

Get breaking National news

For news impacting Canada and around the world, sign up for breaking news alerts delivered directly to you when they happen.
By providing your email address, you have read and agree to Global News' Terms and Conditions and Privacy Policy.

But the stark language in the report — that a Beijing-linked hacking group known as “Volt Typhoon” is “almost certainly” already trying to break into U.S. networks as preparation for a potentially significant conflict between the two world superpowers — is striking in itself.

“Volt Typhoon is especially noteworthy because the PRC has not historically conducted disruptive or destructive cyber operations against critical infrastructure,” the report noted.

Story continues below advertisement

The report also revealed that over the past four years, 20 networks “associated” with Canadian government departments and agencies have been compromised by PRC-linked hacking groups.

The government of China remains the most “comprehensive” threat to Canadian networks, according to the CSE, and has mounted an “expansive and aggressive cyber program” that includes surveillance, espionage and “attack capabilities.”

“PRC state-sponsored cyber threat actors persistently conduct cyber espionage against federal, provincial, territorial, municipal, and Indigenous government networks in Canada,” the report read.

“PRC cyber threat actors have compromised and maintained access to multiple government networks over the past five years, collecting communications and other valuable information. While all known federal government compromises have been resolved, it is very likely that the actors responsible for these intrusions dedicated significant time and resources to learn about the target networks.”

India emerges as cyber threat

While China remains the biggest threat actor, according to Canadian intelligence, the Indian government did merit some attention in CSE’s 2024 report.

Story continues below advertisement

Canada-India relations have been strained in recent months after the assassination of Sikh independence activist and Canadian citizen Hardeep Singh Nijjar. Canadian intelligence officials and Prime Minister Justin Trudeau have suggested that they have information that Nijjar’s killing was connected to Indian government officials, including now-expelled diplomats who were operating in Canada.

Click to play video: 'Former CSIS officer calls India allegations the most shocking ‘assault on our sovereignty, on public safety’ he has ever seen'
Former CSIS officer calls India allegations the most shocking ‘assault on our sovereignty, on public safety’ he has ever seen

But from CSE’s perspective, the Indian government’s ability to mount cyber attacks or exfiltrate information appears limited at this stage.

“India’s leadership almost certainly aspires to build a modernized cyber program with domestic cyber capabilities,” the CSE report reads, suggesting the agency does not believe the country currently has a “modern” cyber program.

“We assess that Indian state-sponsored cyber threat actors likely conduct cyber threat activity against Government of Canada networks for the purpose of espionage. We judge that official bilateral relations between Canada and India will very likely drive Indian state-sponsored cyber threat activity against Canada.”

Advertisement

Sponsored content

AdChoices