Members of Parliament are particularly attractive targets for cybercriminals because of their access to House of Commons networks
OTTAWA — A top government cybersecurity official says the threat landscape has “never been worse”, with attacks happening at unprecedented numbers and levels of sophistication namely from “axis of cyber evil” states.
“It’s bad out there. It’s ugly out there when it comes to cyber,” Sami Khoury, a senior official for cyber security at the Communications Security Establishment (CSE) told attendees of an orientation session for MPs by the Parliamentary Centre on Friday.
Story continues below
Leaning on his 33-year career at Canada’s cyber spy agency split between working on the intelligence side and then heading the Canadian Center for Cyber Security, Khoury painted a bleak picture of the current cyber threat landscape.
Cyber criminals are coming at private and public organizations harder, better, faster and stronger than ever before, he said.
On top of that, there are “daily” breaches by cybercriminals backed by what he called the four “axis of cyber evil” states: China, Russia, Iran and North Korea.
“I can say it hasn’t been it’s never been worse, in the sense that it’s really bad these days,” Khoury said of the cyber threat landscape.
“I would say every indicator is pointing up in terms of the volume of incidents we’re seeing, the variety of incidents… the velocity of these incidents at which they’re coming at us and also the sophistication of these incidents.”
In its latest annual report, CSE said it responded to 2,561 cyber security incidents affecting either the government of Canada or critical infrastructure providers in the 2024-2025 fiscal year.
Story continues below
That’s a 16 per cent increase compared to the previous year as hostile actors increasingly target Canada’s critical infrastructure sectors such as energy, finance, food, water and manufacturing.
Members of Parliament are particularly attractive targets for cybercriminals because of their access to House of Commons networks and government documents.
On Friday, Khoury cautioned MPs to avoid sending themselves files between their professional and personal networks (such as email) and to generally keep their personal and professional lives separate.
“Please, protect the link between your life and your personal life. Passing documents back and forth might seem like an easy way or a simple thing to do, but that becomes a factor for infecting one or two devices that way,” Khoury said.
Khoury said ransomware is the “predominant blight” in the cyber world now, with criminals and state-sponsored groups increasingly deploying sophisticated and cheap tools to lock victims’ systems and demand money to have them unlocked.
