NEW DELHI: Amid an ongoing diplomatic row, Canada has for the first time named India in a list of cyberthreat adversaries and suggested state-sponsored actors could be spying against it, an allegation that New Delhi slammed on Saturday terming it to be another example of Ottawa's strategy to attack India.
India is named fifth after China, Russia, Iran and North Korea in the National Cyber Threat Assessment 2025-2026 (NCTA 2025-2026) report.
We assess that Indian state-sponsored cyber threat actors likely conduct cyber threat activity against Government of Canada networks for espionage, the report said.
India is also mentioned in the trend on 'geopolitically inspired non-state actors are creating unpredictability' citing as an example how a pro-India hacktivist group claimed to have defaced and conducted brief attack against Canadian websites after India was accused of involvement in the killing of a Canadian citizen.
The NCTA 2025-2026 highlights the cyber threats facing individuals and organisations in Canada was released on October 30 by the Canadian Centre for Cyber Security (Cyber Centre), which is Canada's technical authority on cyber security, and part of the Communications Security Establishment Canada (CSE). The assessment reports are released every two years.
While there was no mention of India in the National Cyber Threat Assessment reports of 2018, 2020 and 2023-24, the 2025-26 assessment mentions India along with China, Russia, Iran and North Korea -- in the 'Cyber threat from state adversaries' section that introduces the state cyber threat ecosystem and discusses the cyber threats to Canada.
India's leadership almost certainly aspires to build a modernised cyber programme with domestic cyber capabilities.
India very likely uses its cyber programme to advance its national security imperatives, including espionage, counter-terrorism, and the country's efforts to promote its global status and counter-narratives against India and the Indian government, the assessment report said.
It further added that India's cyber programme likely leverages commercial cyber vendors to enhance its operations. And aslo that Indian state-sponsored cyber threat actors likely conduct cyber threat activity against Government of Canada networks for the purpose of espionage.
It claimed that official bilateral relations between Canada and India will very likely drive Indian state-sponsored cyber threat activity against Canada. CSE and its partners in Canada and across the Five Eyes are attuned to the cyber threats to Canada from state and nonstate cyber threat actors and are tracking them as they evolve, the report said.
NCTA 2025-2026 provides the Canadian public with CSE's current insights on the state and non-state cyber threat actors conducting malicious cyber threat activity against Canada and how we assess the cyber threat landscape will evolve in the next two years, it added.
Canada is confronting an expanding and more complex state cyber ecosystem, the report said, and talked about strategic adversaries, emerging cyber programmes and a wider cyber ecosystem.
In the 'Emerging cyber programmes,' it said: At the same time, countries that aspire to become new centres of power within the global system, such as India, are building cyber programmes that present varying levels of threat to Canada.
While emerging states focus their cyber efforts on domestic threats and regional rivals, they also use their cyber capabilities to track and surveil activists and dissidents living abroad, it added.
The NCTA 2025-2026 also mentioned geopolitical conflicts and tensions are inspiring disruptive cyber threat activity from non-state groups, commonly referred to as hacktivists and gave example of how geopolitically motivated hacktivists typically conduct attacks to gain attention, such as distributed denial-of-service (DDoS) attacks, website defacements, and data leaks from Russia and India.
Diplomatic tensions are also inspiring hacktivist activity.
After Canada accused India of involvement in the killing of a Canadian citizen, a pro-India hacktivist group claimed to have defaced and conducted brief DDoS attacks against websites in Canada, including the public-facing website of the Canadian Armed Forces, the report said.This non-state ecosystem is dynamic and unpredictable, it added.
The development comes as the bilateral relationship has gone south since Prime Minister Justin Trudeau said a year ago that Canada had credible evidence that agents of the Indian government were involved in the murder of Canadian Sikh activist Hardeep Singh Nijjar in British Columbia in June 2023, a charge dismissed as absurd by India.
Meanwhile, the Ministry of External Affairs (MEA) on trashed the report.
MEA spokesperson Randhir Jaiswal told reporters in New Delhi, "Another category, Canada has put India into. This categorisation is as per the cyber report that they have issued. It appears to be another example of a Canadian strategy to attack India. As I mentioned earlier, their senior officials have openly confessed that they are seeking to manipulate global opinion against India, as on other occasions, imputations are made without any evidence", Jaiswal added. While rejecting India being bracketed in that category, the MEA spokesperson said the accusation being levelled against India is absolutely not right.
India has been maintaining that the main issue between the two countries is that of Canada giving space to pro-Khalistan elements operating from Canadian soil with impunity. India last month expelled six Canadian diplomats and withdrawn its high commissioner Sanjay Verma and other targeted officials from Canada after strongly dismissing Ottawa's charges.