Canada Joins Allies in Warning Against China’s Cyber Operatives Behind Global Espionage System

Udumbara Udumbara
Sep 9, 2025 - 09:58 Updated: Sep 9, 2025 - 09:52
0
Canada Joins Allies in Warning Against China’s Cyber Operatives Behind Global Espionage System

.

Canada has joined a dozen allied nations in warning that Chinese state-sponsored cyber actors are compromising networks to support a global espionage system, and in urging telecommunications and critical infrastructure organizations to take steps to mitigate the threat.

The Canadian Centre for Cyber Security (Cyber Centre) and the Canadian Security Intelligence Service co-signed an international cyber security advisory released late last month detailing how actors sponsored by the People’s Republic of China (PRC) target telecommunications, government, transportation, lodging, and military infrastructure networks globally.
The advisory, titled “Countering Chinese State-Sponsored Actors Compromise of Networks Worldwide to Feed Global Espionage System,” includes information on a Chinese cyber actor known as Salt Typhoon, which is “almost certainly” behind malicious cyber activities that have targeted Canadian telecommunications companies, according to the Cyber Centre.

The joint advisory says Beijing-backed cyber actors are often linked to Chinese technology companies that aid China’s intelligence services, including the People’s Liberation Army and ministry of state security.

It adds that by targeting foreign telecom and internet providers, as well as lodging and transportation sectors, Chinese intelligence services gain the “capability to identify and track their targets’ communications and movements around the world.”

“The authoring agencies strongly urge network defenders to hunt for malicious activity and to apply the mitigations in this [advisory] to reduce the threat of Chinese state-sponsored and other malicious cyber activity,” reads the joint advisory.

The joint advisory was signed by U.S. agencies, including the FBI, and international counterparts from Australia, New Zealand, the U.K., Czech Republic, Finland, Germany, Italy, Japan, the Netherlands, Poland, and Spain.

The document also outlines threat detection guidelines and specific mitigation measures that organizations, particularly those in the telecommunications and critical infrastructure sectors, are encouraged to implement by the authoring agencies.

Canadian Telecom Companies Targeted

The Communications Security Establishment Canada (CSE) told The Epoch Times that while it cannot comment on specific cyber incidents, it is aware of “malicious cyber activities currently targeting Canadian telecommunications companies.”

“The responsible actors are almost certainly PRC state-sponsored actors, specifically, Salt Typhoon,” a CSE spokesperson said in a Sept. 8 statement.

“As part of our joint advisories with partners, we have also previously warned that the PRC has targeted networks globally, which includes all levels of government, critical infrastructure, military infrastructure networks, and industry.”

The CSE made reference to a joint advisory it released in June in collaboration with the FBI, noting that Salt Typhoon cyber actors “likely” compromised three network devices registered to a Canadian telecommunications company in mid-February.

Those actors exploited system vulnerabilities to retrieve configuration files from all three devices, while modifying at least one of the files to enable traffic collection from the network, according to the advisory.

The Cyber Centre noted that malicious activity linked to Salt Typhoon suggests the group’s targeting extends beyond the telecommunications sector, although that sector is “almost certainly” among the highest-priority espionage targets for hostile state actors, as it serves as a “key source” of foreign intelligence collection.

“We assess that PRC cyber actors will almost certainly continue to target Canadian organizations as part of this espionage campaign, including telecommunications service providers and their clients, over the next two years,” the centre said in its June advisory.

The United States has also raised concerns about Salt Typhoon, with the FBI saying the group was responsible for stealing the personal data of millions of Americans.

“Salt Typhoon cyber actors infiltrated the networks of multiple telecommunications companies, recklessly stole personal data belonging to millions of Americans, and in some instances surveilled communications—all in support of the Chinese Communist Party,” the agency said in an Aug. 28 statement, announcing the release of the joint cyber security advisory.
“This release is deeply informed by government and industry investigations,” it added. “It is a milestone in the Salt Typhoon story, but the story isnt finished—we will keep pressing forward until those responsible are brought to justice.”
.
Read More