Menu

Topics

Connect

Comments

Want to discuss? Please read our Commenting Policy first.

China ‘pre-positioning’ in U.S. networks for a potential conflict: Canadian agency

WATCH: Though China, Russia and Iran remain Canada’s “greatest strategic cyber threats,” India has been identified as an additional “emerging threat actor,” according to a new assessment by the Canadian Centre for Cyber Security (CCCS) and the Communications Security Establishment (CSE).

Beijing-linked hackers are “very likely” finding their way into U.S. critical infrastructure networks to “pre-position” for a potential conflict with America, according to Canada’s cyber intelligence agency.

Story continues below advertisement

The Communications Security Establishment (CSE) said the People’s Republic of China (PRC) is likely integrating cyber operations into its military planning “to gain an advantage … in the event of a major crisis or conflict with the U.S.” The “pre-positioning” refers to gaining access to networks in order to exploit them if the need arises.

Because of Canada’s connection to critical infrastructure networks in the U.S. — such as the transportation, energy and telecommunications sectors — CSE warned in their annual cyber threat report that the alleged compromises are a threat to Canada, too.

“According to U.S. officials, the PRC’s operation is designed to slow the U.S. military’s response and to sow societal panic” in the event of conflict, the report suggested.

“While the focus of future PRC cyber warfare operations will likely be concentrated on the U.S., disruptive or destructive cyber threat activity against integrated North American critical infrastructure … would likely affect Canada as well due to cross-border interoperability and interdependence.”

Story continues below advertisement

Allegations that hostile nations are “pre-positioning” themselves in Canadian or allied computer networks are not new, and CSE has spoken publicly about the threat in the past.

But the stark language in the report — that a Beijing-linked hacking group known as “Volt Typhoon” is “almost certainly” already trying to break into U.S. networks as preparation for a potentially significant conflict between the two world superpowers — is striking in itself.

Story continues below advertisement

“Volt Typhoon is especially noteworthy because the PRC has not historically conducted disruptive or destructive cyber operations against critical infrastructure,” the report noted.

The report also revealed that over the past four years, 20 networks “associated” with Canadian government departments and agencies have been compromised by PRC-linked hacking groups.

The government of China remains the most “comprehensive” threat to Canadian networks, according to the CSE, and has mounted an “expansive and aggressive cyber program” that includes surveillance, espionage and “attack capabilities.”

“PRC state-sponsored cyber threat actors persistently conduct cyber espionage against federal, provincial, territorial, municipal, and Indigenous government networks in Canada,” the report read.

“PRC cyber threat actors have compromised and maintained access to multiple government networks over the past five years, collecting communications and other valuable information. While all known federal government compromises have been resolved, it is very likely that the actors responsible for these intrusions dedicated significant time and resources to learn about the target networks.”

Story continues below advertisement

India emerges as cyber threat

While China remains the biggest threat actor, according to Canadian intelligence, the Indian government did merit some attention in CSE’s 2024 report.

Canada-India relations have been strained in recent months after the assassination of Sikh independence activist and Canadian citizen Hardeep Singh Nijjar. Canadian intelligence officials and Prime Minister Justin Trudeau have suggested that they have information that Nijjar’s killing was connected to Indian government officials, including now-expelled diplomats who were operating in Canada.

Story continues below advertisement

But from CSE’s perspective, the Indian government’s ability to mount cyber attacks or exfiltrate information appears limited at this stage.

“India’s leadership almost certainly aspires to build a modernized cyber program with domestic cyber capabilities,” the CSE report reads, suggesting the agency does not believe the country currently has a “modern” cyber program.

“We assess that Indian state-sponsored cyber threat actors likely conduct cyber threat activity against Government of Canada networks for the purpose of espionage. We judge that official bilateral relations between Canada and India will very likely drive Indian state-sponsored cyber threat activity against Canada.”

Advertisement
Advertisement

You are viewing an Accelerated Mobile Webpage.

View Original Article