In a recent statement, Canadian ministers have raised alarms over the rising threat of malicious cyber activity aimed at the country's critical infrastructure. This warning was issued by the Honourable David McGuinty, Minister of National Defence, and the Honourable Gary Anandasangaree, Minister of Public Safety, on November 26, 2025, in Ottawa.
"Malicious cyber activity targeting Canada’s critical infrastructure—like power, water, health, finance and transportation—are on the rise and are a real and urgent threat," said McGuinty. The ministers pointed out that these attacks, perpetrated by both state-sponsored and non-state actors, pose serious risks to the essential services that Canadians depend on daily.
"Malicious cyber activity targeting Canada’s critical infrastructure—like power, water, health, finance and transportation—are on the rise and are a real and urgent threat,"
Impact and Legacy
They emphasized that disruptions to critical infrastructure go beyond immediate public safety concerns, encompassing long-term impacts on public confidence, economic stability, and environmental integrity. Anandasangaree noted, "State-sponsored cyber actors have the capability to target Canada’s critical infrastructure, pre-positioning themselves to disrupt or destroy critical services in times of crisis or conflict."
Furthermore, the statement highlighted the motivations behind these cyber threats. "Cyber criminals and other non-state cyber actors continue to target critical infrastructure for financial gain, in support of geopolitical or ideological interests, or for personal reasons, such as acts of revenge by disgruntled former employees or customers," stated McGuinty.
"Cyber criminals and other non-state cyber actors continue to target critical infrastructure for financial gain, in support of geopolitical or ideological interests, or for personal reasons, such as acts of revenge by disgruntled former employees or customers,"
In light of these threats, the ministers made a clear call to action. "This is a call to be ready. Too often, hostile actors gain access to critical infrastructure through weaknesses that are preventable," emphasized Anandasangaree. They urged operators of critical infrastructure, particularly municipalities and private enterprises, to heighten their cybersecurity measures. Key recommendations included adopting best practices in cyber security, such as those outlined in the Cyber Centre’s Cyber Security Readiness Goals, and embracing secure-by-design principles.
They also cautioned, "Report incidents promptly and work closely with government agencies to prevent and respond to threats." The government's role in addressing these challenges was made clear, with both ministers asserting their commitment to ongoing collaboration and vigilance. McGuinty mentioned, "The Government of Canada is working tirelessly to detect, respond to, and mitigate threats. We are committed to transparency and collaboration, ensuring that Canadians and our critical infrastructure sectors have the information and support they need to stay secure."
Looking Ahead
Looking Ahead
Looking Ahead
"Protecting our critical infrastructure is essential for keeping Canadians safe and our economy strong," stated Anandasangaree. The ministers reiterated the importance of collective action, urging all sectors and citizens to remain alert and proactive in defending against cyber threats. "Together, we can defend against cyber threats and safeguard our nation’s future," Anandasangaree concluded.
"Together, we can defend against cyber threats and safeguard our nation’s future,"
This joint statement underscores a growing awareness and urgency regarding cybersecurity in Canada. As developers of national policy and practices work to strengthen critical defenses, the advice for citizens and businesses alike remains the same: vigilance, preparedness, and cooperation are crucial in the face of evolving cyber threats.
With infrastructure under constant potential attack, the outlook for Canadian cybersecurity will largely depend on the coordinated efforts of the government, private sector, and the public to foster a resilient cyber environment.