China 'compromised' Canadian government networks and stole valuable info: spy agency

Threat actors sponsored by China "compromised" Canadian government networks over the past five years and collected valuable information, says a new report from Canada's cyber spy agency.

The Communications Security Establishment, responsible for foreign signals intelligence, cyber operations and cyber security, released its updated national cyber threat assessment on Wednesday. The assessment flags threats the agency sees as the most pressing ones facing individuals and organizations in Canada.

"We're often asked, what keeps up at night? Well, pick the page," Caroline Xavier, CSE chief, told a news conference in Ottawa.

CSE's latest report, which casts ahead to the 2025-2026 fiscal year, names the People's Republic of China (PRC) as "the most comprehensive cyber security threat facing Canada today" and says the scale, tradecraft and ambitions China demonstrates online are "second to none."

The report says Chinese state-sponsored actors repeatedly conduct cyber espionage campaigns against federal, provincial, territorial, municipal and Indigenous government networks in Canada.

"PRC cyber threat actors have compromised and maintained access to multiple government networks over the past five years, collecting communications and other valuable information," said CSE.

At least 20 networks associated with government of Canada agencies and departments have been compromised by  PRC cyber-threat actors, said the agency.

"While all known federal government compromises have been resolved, it is very likely that the actors responsible for these intrusions dedicated significant time and resources to learn about the target networks," says the report.

China targets government networks and public officials to obtain advantages in China-Canada bilateral relations and commercial matters, said CSE.

"For example, provincial and territorial governments are likely a valuable target given that they have decision-making power over regional trade and commerce, including resource extraction (e.g., energy and critical minerals)," says the report. 

"The information collected is also likely used to support the PRC's malign influence and interference activities against Canada's democratic processes and institutions."

More than two years ago, the National Security and Intelligence Committee of Parliamentarians warned that gaps in Ottawa's cyber defences could leave government agencies holding vast amounts of data on Canadians and businesses vulnerable to state-sponsored hackers.

The committee found that Crown corporations and small government departments and agencies — defined as those with fewer than 500 staffers and annual budgets of less than $300 million — haven't heeded calls to use specialized cyber defence sensors to protect their networks from state-sponsored attacks.

The committee recommended CSE's cyber defence umbrella be extended to cover all federal entities — something CSE has said isn't happening yet.