Canada's spy agency reveals state-authorized hacks against drug traffickers and extremists
Canada's Communications Security Establishment conducted state-authorized hacks against drug traffickers, extremists, and a ransomware gang last year.

Canada's Communications Security Establishment (CSE) conducted a handful of state-authorized hacks last year to disrupt the operations of drug traffickers, violent extremists, and a ransomware gang. The disclosures in the Canadian intelligence agency's annual report highlight some of the main national security threats facing Canada and its closest allies. The CSE carried out three foreign "active cyber operations" last year, targeting overseas operations that threaten Canadian national security and public safety.
One operation targeted cybercriminals brokering the sale of chemicals used to create the synthetic opioid fentanyl. The CSE collected intelligence on the brokers and conducted an operation that "disrupted and diminished their ability to operate." Another operation involved collecting signals intelligence on an overseas extremist group spreading violent ideology and recruiting members, including in Canada. The agency analyzed the group's organization, reach, and potential vulnerabilities to conduct an operation that "successfully undermined the group's credibility and limited their ability to radicalize and recruit new members." The CSE also disrupted a ransomware-as-a-service operation that allowed hackers to rent access to a ransomware gang's infrastructure to launch extortion attacks.
The agency identified how the gang worked against the healthcare, transportation, and business sectors in Canada and used an active cyber operation that "rendered the group's infrastructure inoperable." The operation also deleted much of the data on the gang's servers. The agency undertook concurrent "technical disruptions" against 10 of the most significant ransomware gangs targeting Canada to "make parts of their infrastructure unusable." The report did not specify the locations of the hackers, extremists, or the ransomware gang, or the specifics of the operations used to target them. The CSE also carried out one defensive cyber operation during the year to target a phishing campaign aimed at Canadian federal government institutions and other important systems.
The agency disrupted the group's infrastructure and "degraded their ability" to target Canadians. Why this matters: The CSE's disclosures offer a rare glimpse into the priorities of a top spy organization and the tactics used to disrupt national security threats. The operations demonstrate the agency's capabilities in conducting cyberattacks against adversaries and its commitment to defending Canadian systems.
The rise of state-authorized hacks by spy agencies like the CSE and the US's Cyber Command highlights the growing importance of cyber operations in modern national security strategies. As cyber threats continue to evolve, it remains to be seen how these agencies will adapt and what implications their actions will have for developers, businesses, and consumers. The lack of transparency around the specifics of these operations also raises questions about accountability and oversight in the use of cyber warfare tactics.
Source: TechCrunch