The Canadian Centre for Cyber Security (Cyber Centre) says a sophisticated Chinese threat actor has performed numerous reconnaissance scans against government organizations.
Spanning over several months in 2024, most of the observed scanning activity targeted Canadian government departments and agencies, political parties, and the House of Commons and Senate.
However, democratic institutions, critical infrastructure, defense entities, media organizations, NGOs, and think tanks were also targeted for reconnaissance, Cyber Centre says.
“The Cyber Centre is aware that a sophisticated state-sponsored threat actor from the People’s Republic of China has performed broad based reconnaissance scanning over several months against numerous domains in Canada,” the agency notes.
Scanning activity occurs on a near-constant basis, but the operations of this sophisticated threat actor against multiple industries “is an opportunity to increase awareness of the potential threats facing Canadian organizations and share simple steps everyone can take to protect against them,” Cyber Centre says.
However, the agency also points out that the reconnaissance activity does not indicate that any of the targeted organizations has been compromised.
Instead, it shows that the attackers are gathering information on these entities, potentially looking for exploitable vulnerabilities, likely in preparation for future, malicious attacks, Cyber Centre notes.
Organizations in Canada are advised to take protective measures to defend against these reconnaissance scans by following security best practices, such as implementing multi-factor authentication, checking logs for suspicious activity, and educating employees on phishing and social engineering.
“Threat actors often take advantage of unpatched systems. Organizations can protect themselves by ensuring they have updated their operating systems and applications to protect against all known vulnerabilities,” the agency says.
Related: DoJ: Chinese Man Used Spear-Phishing to Obtain Software From NASA, Military
Related: China and US Envoys Will Hold First Top-Level Dialogue on Artificial Intelligence
Related: China Accuses US of ‘Tens of Thousands’ of Cyberattacks
Related: US, UK Leaders Raise Fresh Alarms About Chinese Espionage
