The rise in geopolitical tensions over the past few years has been accompanied by an escalation in cyber threats worldwide. As of April 2025, the international climate—shaped by the war in Ukraine, U.S.-China rivalries, and crises in the Middle East—fuels ongoing cyberwarfare in the background. Canadian businesses, whether multinational corporations or SMEs, are not immune to these risks. On the contrary, they may become direct or collateral targets of politically motivated cyberattacks.
This article reviews recent real-world examples of geopolitically driven cyberattacks, analyzes the international context and its consequences for corporate security, and offers a best-practice checklist for protection.
Cyberwarfare: Real Attacks Against the Backdrop of Global Tensions
Cyberattacks linked to nation-states or politico-ideological groups are no longer science fiction. Several recent incidents show how international conflicts and rivalries manifest as offensives in cyberspace, with very real impacts on civilian infrastructure and businesses:
Chinese Espionage and Sabotage
According to a Canadian federal report, China is running the “most active and sophisticated” cyber operations program targeting Canada, stealing sensitive data from Canadian businesses and institutions.
- Recently, a Chinese cybersecurity company (Integrity Technology Group) was sanctioned for infiltrating a global network of IT devices, including 9,200 devices in Canada, to launch attacks on other targets.
- This campaign, conducted from 2022 to 2023 by the malicious group Flax Typhoon, compromised 260,000 devices across nearly 20 countries—mainly to target entities in Taiwan and possibly U.S. infrastructure.
These figures illustrate the scale a state-sponsored operation can reach, and how Canadian infrastructure was unknowingly conscripted into a large-scale international cyberattack.
War in Ukraine and Russian Attacks
The Russia-Ukraine conflict has been accompanied by a full-scale cyberwar.
- From the outset of the invasion in 2022, state-sponsored Russian actors deployed destructive malware in Ukraine, notably disrupting government networks.
- A cyberattack attributed to the Russian military disabled a major satellite network in Ukraine in February 2022, cutting off Internet access for tens of thousands of Europeans.
This sabotage underscored the risk of collateral damage on a regional scale. Moreover, Canadian intelligence confirms that Russia does not hesitate to target Western interests as well:
- Exploiting vulnerabilities, such as the SolarWinds breach in 2021.
- Espionage targeting Canada’s COVID-19 vaccine research in 2020.
- Deployment of the NotPetya malware in 2017, which caused significant damage to government and commercial networks globally.
- NotPetya, although initially aimed at Ukraine, ended up crippling multinational companies worldwide—demonstrating how a cyberweapon can easily spiral out of control.
Pro-Russian groups have also targeted civilian infrastructure through hacktivism. In 2023–2024, collectives like KillNet claimed responsibility for DDoS attacks on government websites and infrastructure across Europe and North America to protest support for Ukraine, rendering certain online services unavailable for hours.
Iranian and North Korean Threats
Other adversarial states are leveraging cyberspace to offset their military or economic limitations.
- Iran has stepped up its cyberattacks against Western countries following heightened tensions in the Middle East in late 2023. While Canada is not a primary target, Tehran has used cyber tactics to phish members of the Iranian diaspora in Canada—for instance, by circulating fake content related to Flight 752, which was shot down in Tehran, in order to entrap Iranian nationals living in exile.
- North Korea, for its part, poses a distinct cyber threat. Diplomatically isolated, it funds its regime through lucrative cybercrimes (cryptocurrency theft, ransomware, bank heists) and may launch disruptive attacks in times of crisis. Western agencies consider it, alongside Russia, China, and Iran, one of the main strategic cybersecurity threats in the coming years.
These examples demonstrate that cyberwarfare is already a reality. Whether stealing industrial secrets, sabotaging critical infrastructure, or destabilizing economies, hostile actors have a diverse arsenal—destructive malware, stealth espionage, massive denial-of-service attacks, and more—that they now deploy without hesitation amid rising international tensions.

A Tense Geopolitical Landscape That Amplifies Cyber Threats
The current diplomatic landscape is particularly unstable, and this instability is mirrored in the digital sphere.
Canada, the United States, Europe, China, Russia… all are involved in a reshaping of power dynamics, with cyberspace emerging as a prime battlefield for confrontation and espionage. For Canadian businesses, understanding this global context is crucial for anticipating risks.
Alliances and Rivalries Moving Online
The ongoing tariff war, initiated by the Trump administration, threatens the economic security of Canadian companies in 2025. This unprecedented commercial standoff between long-time allies highlights a profound rethinking of traditional alliances.
- According to Canadian Prime Minister Mark Carney, the economic and security cooperation framework built with the U.S. since World War II “no longer exists”. In light of this geopolitical rupture, Canada must reposition itself strategically.
- On the economic front, diversifying trade partnerships (Europe, Asia-Pacific, etc.) and strengthening the resilience of its supply chains has become essential to reduce overdependence on the U.S. market.
This strategic realignment—both offensive and defensive—is ultimately aimed at ensuring a more stable and secure business environment for Canadian companies despite global political volatility.
Proliferation of Hostile Nation-State Actors
While China and Russia dominate the headlines, other nations with advanced offensive capabilities are entering the fray.
- As previously mentioned, Iran and North Korea present distinct challenges—but more recently, diplomatic tensions between Canada and India (following allegations of foreign interference) suggest an elevated risk of Indian espionage targeting Canadian entities.
- For the first time, a 2024 Canadian report identifies India as a “hostile state” in cybersecurity, likely to engage in cyber-espionage activities against Canada.
In other words, the number of potential adversaries is growing, making the job of cyber defenders increasingly complex.
Hybrid Threats and Difficult Attribution
Modern cyberwarfare blurs the line between state and criminal actors.
- “Patriotic” hacker groups or cyber-mercenaries may act on behalf of a nation without official affiliation, complicating attribution. For example, ransomware gangs operating in Russia or China target Canadian companies for financial gain, yet enjoy total impunity in their home countries. Some experts believe these groups could, when needed, serve as a digital proxy force for their governments. The inability of international justice systems to reach these cybercriminals creates a favorable environment for malicious operations against our organizations.
- Disinformation is another politically motivated weapon. Russia is highly proficient in online propaganda campaigns designed to sow distrust and discord in the West. While these are not technical attacks on IT systems, the resulting fake news climate can indirectly impact businesses—fueling phishing scams, or damaging the reputation of targeted firms, for instance.
In short, the current global political climate is significantly intensifying the level of cyber threat facing Canada. A recent survey reveals that 85% of IT decision-makers believe geopolitical tensions are increasing the risk of cyberwarfare, and more than four out of five are concerned about the potential impact on their organizations.
In light of this reality, businesses must treat cybersecurity not merely as a technical concern, but as a strategic imperative tied to national security and economic resilience.
Best Practices: A Cybersecurity Checklist for Businesses
Amid increasingly sophisticated cyber threats, exacerbated by international tensions, every business must adopt a proactive security posture. Below are some essential best practices to strengthen your cyber defense and reduce the risk of incidents:
Actively Monitor Your Systems and Stay Informed
- Implement continuous monitoring of your networks (logs, intrusion detection) to quickly detect any abnormal activity.
- The Cyber Centre recommends heightened organizational vigilance to identify even minor anomalies.
- Subscribe to alerts from threat intelligence centers (CCC, CERTs) to stay informed about imminent threats linked to geopolitical developments (e.g., vulnerabilities exploited by state-sponsored hackers).
- During periods of international crisis, increase your internal threat alert level accordingly.
Keep Systems Up-to-Date and Properly Segmented
- Apply security patches immediately across all servers, workstations, and connected devices, starting with critical updates. Many state-sponsored attacks have succeeded by exploiting known, unpatched vulnerabilities.
- Additionally, segment your network by isolating critical systems. In the event of a breach, this limits lateral movement across your infrastructure.
Strengthen Authentication and Access Control
- Implement multi-factor authentication (MFA/2FA) wherever possible—especially for remote VPN access, administrator accounts, and sensitive services.
- Use password managers to enforce unique and strong credentials across accounts.
- Enforce the principle of least privilege: each employee or system should have only the minimum permissions required to perform their function, reducing the impact of a compromised account.
Raise Awareness Among Employees and Partners
- The majority of attacks begin with phishing or social engineering tactics.
- Regularly train your teams on cyber hygiene best practices: avoid clicking suspicious links, verify the legitimacy of urgent fund transfer requests, and more.
- Conduct simulated attacks (e.g., fake phishing emails) to test employee responses and adapt training accordingly.
- Involve your critical partners and suppliers in these efforts, as attackers increasingly exploit the supply chain to reach their final target.
Prepare and Rehearse Emergency Response Plans
- Before an incident occurs, establish a clear cyber incident response plan as well as a business continuity plan in case systems go down.
- Also develop a crisis communication plan (how to inform customers, employees, and potentially the public or authorities).
- These plans should be tested through exercises (role-playing, red team simulations) to ensure everyone knows their role and recovery would proceed efficiently.
- Good preparation can make the difference between a contained incident and a disaster for your business.
Physically Secure Your Critical Infrastructure
- Remember that cybersecurity also involves physical security.
- Protect access to technical areas (server rooms, data centers) using strict controls (access badges, surveillance, alarms).
- Malicious actors may attempt to infiltrate your premises to steal equipment, install rogue devices, or gain direct access to machines.
- Also monitor removable media (USB drives, etc.), which can introduce malware into your systems.
Back Up and Encrypt Your Data
- Perform regular backups of your critical data, stored offline or in a secure cloud environment, and regularly test your ability to restore from those backups.
- In the event of a destructive attack (such as a Russian-style wiper) or ransomware, this enables you to resume operations without paying a ransom.
- Encrypt sensitive data—both at rest (storage) and in transit—to ensure that even if stolen, it cannot be exploited by unauthorized actors.
Test Your Resilience Through Audits
- Have your security posture periodically assessed by independent experts.
- Penetration testing (pentests) simulates real-world attacks to help identify vulnerabilities before hackers do.
- Remediate any vulnerabilities uncovered during these assessments.
- Similarly, compliance assessments against legal and regulatory frameworks (e.g., Law 25, ISO best practices) will help highlight any gaps that need to be addressed.
This list is not exhaustive, but these measures form a core set of best practices adopted by resilient organizations. By applying them, a business can significantly reduce its attack surface and maximize its chances of detecting, preventing, or mitigating the impact of a cyberattack—whether perpetrated by a nation-state or an opportunistic threat actor.
Relying on Trusted Experts: The Value of Commissionnaires du Québec
Despite all internal efforts, navigating the constantly evolving cybersecurity landscape can be complex. This is why partnering with specialized experts can greatly enhance your organization’s protection and peace of mind.
Commissionnaires du Québec, drawing on its longstanding experience in security, offers businesses a comprehensive range of services to meet these challenges by combining physical security and cybersecurity. We deliver an integrated approach to enterprise security.
- High-level physical security: professionally trained security guards, mobile patrols, access control at sensitive sites, event security, etc. This ensures your facilities and physical assets are protected against intrusion or sabotage.
- Proven cybersecurity expertise to safeguard your digital assets—including vulnerability assessments, penetration testing, and advisory services tailored to your sector. Whether you need to build a protection strategy, investigate an incident (cyber forensics), train your staff on current threats, or monitor your IT infrastructure, Commissionnaires experts can support you at every stage of the security lifecycle.
By partnering with professionals like Commissionnaires, you benefit from experienced and qualified insight into your security posture. Our solutions are tailored to your specific needs—whether you’re an SME securing client data or a large organization managing critical infrastructure. In addition, Commissionnaires’ on-the-ground presence (via our agents and advisors) ensures a comprehensive view of risks—both physical and digital—allowing for coordinated mitigation measures.
In conclusion, cyberwarfare driven by global tensions is no longer an abstract threat—it’s a real and pressing challenge for Canadian businesses. In a world where even traditional alliances, such as with the United States, are being reevaluated, companies must acknowledge that a diplomatic crisis abroad can quickly translate into a cyberattack at their doorstep. Adopting a vigilant posture, complying with data protection laws, and rigorously applying cybersecurity best practices have become essential elements of modern risk management. In this complex battle, relying on national resources—whether government-backed expertise or Canadian partners like Commissionnaires du Québec—is now vital. Working with domestic experts ensures strong strategic and regulatory alignment, while also providing independence from shifting international politics, even with historically close allies like the U.S. By combining preparation, caution, and local partnerships, businesses can not only withstand the growing threat of cyberwarfare—but also continue to thrive with confidence and resilience in an ever-evolving digital landscape.