Ottawa, 03 November 2024: Canada has, for the first time, identified India among state-sponsored cyberthreat actors in its latest National Cyber Threat Assessment (NCTA) report, released on October 30 by the Canadian Centre for Cyber Security. The 2025-2026 assessment ranks India fifth, following China, Russia, Iran, and North Korea, as potential cyber adversaries, sparking a strong rebuke from New Delhi, which dismissed the claims as “another example” of Canada’s strategy to “attack India.”
The report states, “We assess that Indian state-sponsored cyber threat actors likely conduct cyber threat activity against Government of Canada networks for the purpose of espionage.” It also notes India’s emerging cyber capabilities, which the report attributes to aspirations of national security and global influence, suggesting that “India’s leadership almost certainly aspires to build a modernised cyber programme with domestic capabilities.”
For the first time, India appears in the NCTA’s “Cyber threat from state adversaries” section, a segment outlining the broader state cyber threat ecosystem and discussing threats specifically to Canada. The report contrasts with previous assessments in 2018, 2020, and 2023-24, where India was notably absent from any mention of state-sponsored cyber activity against Canada.
The NCTA also addresses the role of non-state actors in cyberspace, pointing to a rise in “geopolitically inspired hacktivist activities.” In this context, it cites incidents following Canada’s allegations that Indian agents were involved in the June 2023 killing of Canadian Sikh activist Hardeep Singh Nijjar. The report highlights a pro-India hacktivist group’s claim of brief attacks against Canadian websites, including a Distributed Denial-of-Service (DDoS) attack on the Canadian Armed Forces’ public-facing site.
“Diplomatic tensions are also inspiring hacktivist activity,” the report explains. “After Canada accused India of involvement in the killing of a Canadian citizen, a pro-India hacktivist group claimed to have defaced and conducted brief DDoS attacks against websites in Canada.” The report concludes that this non-state threat landscape is “dynamic and unpredictable,” and cautions that geopolitically motivated actors will likely continue exploiting such tensions.
Meanwhile, Canada’s Communications Security Establishment (CSE) and its Five Eyes partners are reportedly monitoring these cyber threats as they evolve, underscoring the complex and expanding cyber landscape facing Canada. According to the assessment, “Countries aspiring to become new centres of power within the global system, such as India, are building cyber programmes that present varying levels of threat to Canada.”
In response, India’s Ministry of External Affairs (MEA) strongly rejected the categorization. MEA spokesperson Randhir Jaiswal remarked, “Another category, Canada has put India into. This categorisation is as per the cyber report that they have issued. It appears to be another example of a Canadian strategy to attack India.” Jaiswal added that Canadian officials have previously admitted to manipulating global narratives against India, often without presenting evidence.
The MEA said that Canada’s ongoing support for pro-Khalistan elements operating on its soil remains the central issue straining bilateral relations. Tensions worsened last month when India expelled six Canadian diplomats and withdrew its high commissioner following Ottawa’s accusations regarding Nijjar’s death—allegations India has consistently rejected as “absurd.”
