Canadian Centre for Cyber Security releases National Cyber Threat Assessment 2025-2026
News release
Ottawa, Ontario – October 30, 2024
The Canadian Centre for Cyber Security (Cyber Centre) has released its National Cyber Threat Assessment 2025-2026 (NCTA 2025-2026). As with previous assessments, it provides a snapshot of cyber threats affecting Canada and Canadians and forecasts how they may evolve in the coming years. The Cyber Centre’s flagship report helps build Canada’s resilience to cyber threats.
Canada is confronting an expanding and complex cyber threat landscape with a growing cast of malicious and unpredictable state and non-state cyber threat actors. The Cyber Centre assesses that state-sponsored and financially motivated cyber threats are increasingly likely to affect Canadians, and foreign threat actors are moving beyond espionage to conduct more disruptive activities.
NCTA 2025-2026 shows that cybercrime remains a persistent, widespread and disruptive threat to individuals, organizations and all levels of government across Canada, and that ransomware is the top cybercrime threat facing Canada’s critical infrastructure. It also says that the Cybercrime-as-a-Service business model is almost certainly contributing to the continued resilience of cybercrime in Canada and around the word.
The report states that state-sponsored cyber threat actors are becoming more aggressive and are almost certainly combining disruptive computer network attacks with online information campaigns to intimidate and shape public opinion. Well-known state adversaries continue to support sophisticated, active programs against Canada and our allies to serve their own political, economic or military objectives.
Additionally, the report highlights key trends that will shape the cyber threat environment from now until 2026, like the impact of AI in amplifying threats and how geopolitical tensions are inspiring cyber threat activity from non-state groups.
As cyber threats continue to become more complex and sophisticated, the Government of Canada has made cyber security a priority. Budget 2024 proposed $917.4 million over five years to enhance intelligence and cyber operations programs to respond to these evolving threats. Canada’s defence policy update, Our North, Strong and Free, also announced the Canadian Armed Forces (CAF) Cyber Command, a joint Canadian cyber operations capability between CSE and the CAF that will play a pivotal role in maintaining Canada’s cyber security.
As Canada’s leading authority in cyber security, the Cyber Centre continues to publish its best advice and guidance for Canadians, Canadian organizations and critical infrastructure to address the cyber security threats outlined in our reports and assessments.
Quotes
“As we continue to become more connected than ever, we cannot deny that the cyber threats we face are evolving. Canadians have no doubt noticed the increase in cyber incidents in recent years, and these will only become more pervasive. The National Cyber Threat Assessment 2025-2026 is an important tool to inform and equip our people and our organizations—both on what we are facing now and what we can expect in the coming years.”
- The Honourable Bill Blair, Minister of National Defence
“Since our first report, the threats have remained constant—cybercrime, ransomware, state-sponsored attacks and disruptions continue. The key changes over the years have been the methods and severity of these tactics. Tools that make our digital lives easier also make it easier for cyber criminals to disrupt them. The platforms we rely on to connect with family and friends get used by our adversaries to promote division. The information we provide in the National Cyber Threat Assessment helps us all better understand the threats and how we can work together to protect ourselves and defend our country. It’s up to all of us to make Canada’s cyber space safer and more secure.”
- Rajiv Gupta, Head, Canadian Centre for Cyber Security
Quick facts
-
This is the fourth edition of the Cyber Centre’s National Cyber Threat Assessment. It is published every two years.
-
Judgments made in the NCTA 2025-2026 rely on reporting from multiple sources, both classified and unclassified.
-
Canada’s state adversaries are using cyber operations to disrupt computer networks and conduct online information campaigns to divide our society.
-
The People’s Republic of China’s (PRC) expansive and aggressive cyber program presents the most sophisticated and active state cyber threat to Canada today. The PRC cyber program’s scale, tradecraft, and ambitions in cyberspace are second to none.
-
Russia’s cyber program furthers Moscow’s ambitions to confront and destabilize Canada and its allies.
-
Iran uses its cyber program to coerce, harass, and repress its opponents, while managing escalation risks.
-
Ransomware is the top cybercrime threat facing Canada’s critical infrastructure.
Associated links
Contacts
For more information, please contact (media only):
Media relations
Communications Security Establishment
Email: media@cse-cst.gc.ca
Office of the Minister of National Defence
Simon Lafortune, Press Secretary and Communications Advisor
Email: simon.lafortune2@forces.gc.ca
Stay connected
Follow Cyber Centre and CSE on X (formerly known as Twitter) and on Linkedin.
Page details
- Date modified: