Canadian Centre for Cyber Security releases National Cyber Threat Assessment 2023-2024
Ottawa, Ontario - October 28, 2022
The Canadian Centre for Cyber Security (Cyber Centre) has released its National Cyber Threat Assessment 2023-2024, alerting that state sponsored and financially motivated cyber threats are increasingly likely to affect Canadians, and that foreign threat actors are attempting to influence Canadians through use of misinformation, disinformation and malinformation in online spaces.
This report outlines the most common cyber threats to Canadians and Canadian organizations, the likelihood that these cyber threats will occur and how they will evolve in the coming years.
This unclassified assessment found that ransomware is almost certainly the most disruptive form of cybercrime facing Canadians and that it remains a persistent threat to Canadian organizations. It also says critical infrastructure is increasingly at risk from cyber threat activity but, in the absence of direct international hostilities involving Canada, it is unlikely that state-sponsored actors would intentionally disrupt Canadian critical infrastructure.
The Cyber Centre has assessed that state-sponsored cyber threat activity is impacting Canadians, with state actors targeting diaspora populations and activists in Canada, Canadian organizations and their intellectual property for espionage and individuals for financial gain. We have also observed cyber threat actors’ attempts to influence Canadians using misinformation, disinformation and malinformation (MDM), and we assess that Canadians’ exposure to MDM will almost certainly increase over the next two years.
In addition, the assessment details that disruptive technologies, such as cryptocurrencies, machine learning and quantum computing, are bringing new opportunities for cyber threat actors and, thus, new threats to Canadians.
While threats continue to evolve, the Government of Canada has made cyber security a priority. Investments include the passage of the CSE Act, which gave the Communications Security Establishment the ability to better intercept and disrupt foreign threats. Budget 2022 has allowed $875.2 million to bolster CSE’s ability to deter, defend, and prevent cyber-attacks. These investments will protect Canada, our critical infrastructure, our government systems, and our national security. New this year, the Cyber Centre has also compiled its best advice and guidance for Canadians, Canadian organizations and critical infrastructure to address the cyber security threats outlined in the assessment.
This is the Cyber Centre’s third National Cyber Threat Assessment. The first was published in December 2018.
In addition to publishing the National Cyber Security Assessment 2023-2024 today, the Cyber Centre has also published an updated edition of its Introduction to the Cyber Threat Environment. This introductory reference document provides baseline information about the cyber threat environment, including information about cyber threat actors and their motivations, their techniques and tools in a Canadian context.
About the Cyber Centre
Part of the Communications Security Establishment (CSE), the Cyber Centre is the Government of Canada’s technical authority on cyber security and the single, unified source of expert advice, guidance, services and support on cyber security operational matters.
The Cyber Centre works with businesses and organizations that have been victim to a cyber incident in order to mitigate the impact of cyber security incidents.
"We are taking a comprehensive approach to bolstering Canadian cyber security. The National Cyber Threat Assessment 2023-2024 shows that as technology continues to accelerate with rapid speed, threats also continue to evolve. This report provides information to Canadian decision-makers, individuals, and organizations about the cyber threats facing our country, and it provides avenues for them to take protective measures in the face of these threats. The release of this report, combined with our most recent investment of $875 million in Budget 2022 towards bolstering our cyber defences, and other ongoing efforts of the Canadian Centre for Cyber Security, will help ensure we are prepared to act, adapt and react to cyber threats."
- Honourable Anita Anand,
Minister of National Defence
“As Canadians, we benefit greatly from our digitally connected lives. However, this comes at a cost. Ransomware attacks are becoming more frequent, our critical infrastructure more vulnerable and the information we encounter online more divisive and misleading. We’ve said it before, but we’ll say it again: now is the time to take cyber security seriously. We hope that Canadians - individuals and organizations alike – will heed our call to action and that, together, we can build a more secure Canada.”
- Sami Khoury,
Head of the Canadian Centre for Cyber Security
The state-sponsored cyber programs of China, Russia, Iran, and North Korea continue to pose the greatest strategic threats to Canada.
Nation states are increasingly willing and able to use misinformation, disinformation and malinformation (MDM) to advance their geopolitical interests.
State-sponsored actors target critical infrastructure to collect information through espionage, to pre-position in case of future hostilities and as a form of power projection and intimidation.
Cybercriminals deploying ransomware have evolved in a growing and sophisticated cybercrime ecosystem and will continue to adapt to maximize cybercrime profits.
Digital assets, such as cryptocurrencies and decentralized finance, are targets and tools for cyber threat actors to enable malicious cyber threat activity.
For more information, please contact (media only)
Communications Security Establishment
- Date modified: