(Ottawa) New academic analysis has identified at least 75 foreign political or industrial cyber threats targeting Canada since 2010, ranging from attempts to steal COVID-19-related research to targeting Uyghur rights activists of the person.
Posted at 6:17 a.m.
The report by researchers from the Observatory of Multidimensional Conflicts at the University of Quebec in Montreal found that cyber espionage accounted for more than half of these episodes.
The center brings together Canadian and international researchers who study how foreign actors attempt to destabilize states, weaken societies and institutions, and undermine critical systems through cyberattacks, disinformation, and political interference.
The analysis focuses on what the center considers to be geopolitical or strategic cyber incidents, that is, events that are not primarily related to criminal or national political activity, but rather to global rivalries and competition. strategic.
It is said that these events are most often organized outside of Canada, usually orchestrated by foreign governments for political, economic or other purposes.
Targets include Canadian public authorities, the general public, research institutions and businesses, individuals or international organizations based in Canada.
“Some targeted Canada specifically, while others targeted multiple countries, including Canada. »
Canadian security agencies are increasingly vocal about cyber threats from abroad, which aim to steal valuable information or interfere in political affairs by spreading falsehoods or even compromising elected officials.
Cyber espionage targeting state secrets and intellectual property, as well as targeted surveillance of individuals, accounted for 49 of the 75 incidents analyzed by the center.
The researchers caution that the exact nature of the cyber espionage campaigns was sometimes difficult to determine, but about half were economic or industrial espionage activities.
“These operations targeted large companies, universities and other entities dedicated to R&D, most involved in the IT, energy, finance and aerospace industries”.
Several digital espionage operations targeted Canadian government agencies.
Other schemes targeting Canada since 2010 include:
- 15 cases of manipulation of information — intentional and coordinated spreading of false or biased information in cyberspace for hostile purposes;
- five cases of digital reconnaissance — fraudulently entering a computer system in order to map it or assess vulnerabilities;
- four defamation operations, involving the taking over or modification of a website or account for hostile political purposes;
- and four episodes of doxin — the intentional disclosure of personal information about individuals in order to humiliate, threaten or punish them.
Researchers have traced the vast majority of geopolitical cyber incidents in Canada over the period examined to China, Russia, Iran or North Korea. However, they point out that the governments of these countries were not necessarily involved. The non-State forces there could have acted on their own.
The report also highlights three major worrying trends: the growing digital surveillance of activists in Canada by foreign powers, the expansion of the cybermercenary industry, and the huge growth in the number of ransomware attacks.
” The hackers on their own are often employed by authoritarian states to stalk political opponents, spy on NGOs and journalists, or steal personal information for the purpose of blackmailing and harassing dissidents,” the document states.
“Cyberspace now offers nation states countless new opportunities for espionage and surveillance anywhere in the world, with little risk of retaliation. »
The researchers say that while Canada does not appear to be the primary target of cyber retaliation for supporting Ukraine after Russia invaded, there are reasons to be vigilant.
Russia could encourage its cybercriminal networks to step up their attacks — especially ransomware attacks — against Canadian organizations, including those that have taken specific action against Moscow.
Despite efforts by NATO members to prevent any escalation, it is also conceivable that Russia may eventually try to target Western critical infrastructure, such as power grids, the report adds.