Communications Security Establishment chief Caroline Xavier appears as a witness at the Foreign Interference in Federal Electoral Processes and Democratic Institutions Public Inquiry, on Sept. 26 in Ottawa.Adrian Wyld/The Canadian Press
China has become more “audacious and sophisticated” in foreign-interference operations and its hostile cyber activities have evolved significantly over the past two years, senior officials at Canada’s signals intelligence agency have told the Hogue inquiry.
Officials from the Communications Security Establishment told the Foreign Interference Commission Thursday that China, Russia, Iran and North Korea pose a cyberthreat to Canada, but they also identified India and Saudi Arabia as growing players in foreign meddling here.
CSE Chief Caroline Xavier singled out the People’s Republic of China (PRC) as the greater threat because of its relentless cyber and foreign-influence operations in Canadian domestic affairs.
“The PRC is a sophisticated actor, a persistent actor, a patient actor,” she said, calling Beijing a “strategic threat toward Canada.”
Ms. Xavier testified to the inquiry headed by Marie-Josée Hogue that China “permeates multiple spaces, online and otherwise” and is heavily involved in software development, telephone companies and applications such as popular social-media platform TikTok.
Alia Tayyeb, deputy chief of CSE’s signals intelligence and foreign cyber operations, said the tactics and techniques used by China and other hostile states have evolved from simple espionage to “hack and leak” – using hacked networks of computers to flood social media with disinformation, and using artificial intelligence to amplify narratives and harvest data.
Even more worrying, the inquiry heard, is that China is outsourcing cyber disinformation campaigns to third parties, including criminals, or using commercial providers and online marketplaces to obfuscate its operations.
At times, China is successful in evading some social-media platforms’ mechanisms to spot fake content.
“In addition to cyberthreats, we have seen actors like the PRC use traditional foreign-interference tools such as use of proxies, use of proxy organizations, use of state run media” as well as social-media campaigns and data collection, Ms. Tayyeb testified.
Ms. Xavier also noted that India is seeking to become a player in cyber activities to influence diaspora communities in countries such as Canada. Without going into detail for security reasons, she said CSE detected Indian misinformation and disinformation operations directed at Prime Minister Justin Trudeau. He was singled out for his 2018 trip to India and in 2023, after he publicly accused Indian agents of orchestrating the slaying of Canadian Sikh leader Hardeep Singh Nijjar.
“We recognized that there was some misinformation and disinformation going on,” she said.
A document submitted by Global Affairs Canada’s Rapid Response Mechanism, which monitors social media for disinformation, said numerous pro-India government outlets painted Mr. Nijjar as a terrorist. It said other outlets accused Mr. Trudeau of fabricating the murder accusation against India to play up to some Sikh Canadians who seek to carve an independent Sikh state out of India.
In a prehearing interview made public Thursday, Ms. Tayyeb said Russia has not appeared interested in meddling in Canadian elections specifically. Its cyber efforts seem more aimed at sowing mistrust.
Russia does have a long-standing campaign to discredit the U.S. and its allies, and Western democracy in general, which affects Canada and other allies, according to the summary of her interview. Ms. Tayyeb added that CSE has observed Russian cyberthreat activity in Canada, but not directed against Canadian democratic institutions.
Last October, Global Affairs’ Rapid Response Mechanism reported that MPs, including the Prime Minister and Official Opposition Leader Pierre Poilievre, were the targets of a disinformation campaign known as “Spamouflage” that was carried out by the Chinese government in August and September.
RRM said Spamouflage is a tactic that uses networks of new or hijacked social-media accounts to post and amplify propaganda messages across multiple platforms.
Global Affairs reported in July, 2023, that RRM detected a disinformation operation on WeChat directed against Conservative foreign affairs critic Michael Chong in May of that year.
That same month, Mr. Chong learned from The Globe and Mail that Beijing had targeted him and his relatives in Hong Kong in the lead-up to the 2021 election, a revelation that led the federal government to expel a Chinese diplomat behind the effort.
The government later disclosed that former Conservative Party leader Erin O’Toole and NDP MP Jenny Kwan had also been targeted by Beijing in 2021 – and that they remained targets.
CSE warned in late December, 2023, that cyberattacks are on the rise in national elections around the world, including in NATO countries. It said the proportion of elections targeted by cyberthreat activity has increased from 10 per cent in 2015 to 26 per cent in 2022.
Most of these attacks are orchestrated by China and Russia and are forecast to increase in the next two years to target countries of strategic significance, CSE said.
Canada’s next federal election is scheduled for the fall of 2025, but a campaign could take place before then after the New Democratic Party withdrew its support from a pact with the minority Liberal government.
The CSE report said it expects foreign adversaries such as China to use AI-generated deep fakes in the next federal election in Canada because they see this activity as an “obscure and risk-averse way of impacting Canada’s policy outcomes.”