According to the Communications Security Establishment (CSE), China is exploiting Canadian society and interfering in our democracy with great intensity, and this trend is likely to persist well into the future.
“Foreign adversaries are increasingly using cyber tools to target democratic processes around the world. Disinformation has become ubiquitous in national elections,” reads the CSE cyber security report 2023 update on cyber threats to Canada’s democratic process.
A recent example of this happened in May when the CSE issued a notice about "a state-sponsored cyber threat actor associated with the People’s Republic of China" that targeted critical infrastructure.
“We observe that state-sponsored cyber threat actors with links to China continue to conduct most of the attributed cyber threat activity targeting foreign elections since 2021,” the report reads.
Then-Defence Minister Anita Anand said to expect more warnings by the CSE as foreign actors increase their cyber-attacks on Canada.
"We must be clear-eyed about the threats we face, and we must work with all stakeholders, including partners around the world to defend our common interests," she said, calling it a "wake-up call for us all."
While CSE Chief Caroline Xavier called Canada a “lower-priority target,” she claimed 2023 hereon would pose a “higher risk” of foreign election interference than in previous years.
“In the event of an attack, CSE has the capabilities and legal authorities to disrupt cyber activity at the source,” she added, noting that Canada has witnessed more cyber threats against the country in recent years.
Among the tactics typically employed by China and other foreign actors include attempted DDoS attacks against election authority websites, accessing voter personal information or information relating to the election, and vulnerability scanning on online election systems.
According to CSE's 2022/2023 annual report, the agency's automated defences protected Canada from 2.3 trillion "malicious actions" last year. The agency did not clarify the origins of those cyber-attacks at the time of writing.
"As always, there are parts of our work that we cannot share in a public report. We don’t identify specific targets of our signals intelligence gathering or foreign cyber operations. These are classified," said Xavier in the unclassified summary of the agency's work between April 1, 2022, and March 31, 2023.
However, Canada’s democratic process notes cyber threat activity can generate ‘disinformation’ that influences voters “covertly” ahead of elections.
“This disinformation can be part of a wider election influence campaign, where cyber threat actors use social engineering tactics and techniques to manipulate voters’ emotions and behaviours,” it reads.
“Adversaries are seeking to manipulate democratic processes, but that doesn't mean we are powerless to stop them,” Xavier told reporters on December 6.
In June, the CSE concurred that foreign states try to influence Canadian society and democracy through espionage and online ‘disinformation.’
While the 2022/23 annual report did not draw a direct line between China and foreign election interference, the cyber security body did call out China for its diaspora intimidation tactics.
"Authoritarian states use a variety of means to monitor and intimidate diaspora populations around the world, including in Canada. An example of this is the issue of the People’s Republic of China operating 'police service stations' in Canada," it reads.
Rather than targeting election infrastructure directly, cyber threat actors “favour manipulating the information environment,” according to the CSE, calling it “less escalatory.”
“They do this to manipulate a country’s population covertly in the hopes that the outcome of the election will align with their strategic objectives abroad,” reads Canada’s democratic process.
Rebel News asked the CSE Chief if some of those threats emerged from ‘police service stations’ that operated in Canada.
“China remains a cyber threat actor and is doing our part to ensure Canadians are aware,” she said. The CSE did not provide further comment on the ‘police service stations’ as they are subject to an ongoing RCMP investigation.
According to CTV News, an RCMP spokesperson confirmed they "disrupted illegal activity" at these stations. Rebel inquired on the nature of that "activity" but they did not elaborate further.
“The RCMP continues to actively investigate reports nationally of criminal activity in relation to the so-called ‘police stations,’” said RCMP spokesperson Sgt. Kim Chamberland.
“Generally, The RCMP will not comment on specific locations as investigations are ongoing,” she said. “However, [we] can confirm that our national response has disrupted illegal activity.”
Chamberland also noted that some of the activity under investigation occurred at locations where other “legitimate services to the Chinese Canadian Community” are being offered.
“The RCMP recognizes that Chinese Canadians are victims of the activity we are investigating,” reads the statement. “There will be no tolerance for this or any other form of intimidation, harassment, or harmful targeting of diaspora communities or individuals in Canada.”
“Transnational repression is complex and takes many forms, some intended and some otherwise,” it reads.
According to the CSE, it is “very likely” that China will continue to be responsible for most of the attributed cyber threat activity. “We will focus on targeting countries of strategic significance to them,” they said.
“We inform relevant parties and provide them with the necessary mechanisms,” Xavier told reporters on December 6. “Our democracy will be as strong as we make it.”