The Communications Security Establishment Canada (CSE) and its Canadian Centre for Cyber Security (Cyber Centre) call upon Canadian organizations to stay alert and enhance their defenses against malicious cyber threats as the third anniversary of Russia’s full-scale invasion of Ukraine nears. Over the last three years, the Cyber Centre has observed pro-Russia cyber hackers targeting organizations in countries, including Canada, that have provided support to Ukraine. This activity has included cyber campaigns targeting critical infrastructure and distributed denial-of-service (DDoS) attacks on government and business websites.
The Cyber Centre advises operators of Internet-connected operational technology (OT) devices to stay vigilant and informed about potential threats, as these systems are highly discoverable and susceptible to cyber attacks. Russian state-sponsored cyber actors might employ simple brute force methods, like MITRE ATT&CK’s T1110, to exploit exposed OT devices. Operators must implement effective security measures to protect against such threats.
“Critical infrastructure operators and Canadian organizations should also prepare for potential disruptions and website defacements, as well as be aware of threats from cyber actors aligned with Russian interests,” the alert added. “The Cyber Centre has previously reported the rise of ideologically driven, pro-Russia non-state cyber groups conducting malicious activity against perceived enemies. These groups are less sophisticated than state-sponsored actors but act autonomously, leading to unpredictability and a higher tolerance for risk.”
The Cyber Centre continues to share valuable cyber threat information throughout the year with Canadian critical infrastructure and government partners through protected channels. “We also actively monitor the cyber threat environment in Canada and globally. We encourage any Canadian organizations who believe they may have been targeted by cyber threat activity to contact the Cyber Centre.”
Last October, the Cyber Centre, a part of the Communications Security Establishment Canada (CSE), released voluntary guidelines designed to further protect essential services for people in Canada and enhance cyber security resilience overall. The Cyber Security Readiness Goals (CRGs) resource offers a toolkit with 36 cross-sector cyber security practices that build on available advice and guidance. The CRGs list important steps organizations can take toward goals that will improve their cyber security posture in the face of increasingly complex cyber security threats.
The agency also published its National Cyber Threat Assessment 2025-2026 (NCTA 2025-2026) to better address the expanding and complex cyber threat landscape. A growing cast of malicious and unpredictable state and non-state cyber threat actors, from cyber criminals to hacktivists, are targeting the nation’s critical infrastructure and endangering national security. These actors are evolving their tradecrafts, adopting new technologies, and collaborating to improve and amplify their malicious activities.
