January 2025 Headlines

Canadian Centre for Cyber Security Releases National Cyber Threat Assessment 2025-2026

The Canadian Centre for Cyber Security (Cyber Centre) has published its National Cyber Threat Assessment (NCTA) for 2025-2026 (cyber.gc.ca, 2025). This comprehensive report provides a detailed overview of the evolving cyber threat landscape in Canada, highlighting key trends and potential risks. As cyber threats become increasingly sophisticated, the NCTA serves as a crucial tool for understanding and mitigating these risks.

Key Findings from the NCTA 2025-2026

The NCTA identifies several critical trends and threats that are expected to shape the cybersecurity landscape in Canada over the next two years (cyber.gc.ca, 2025):

1. State-Sponsored Threats: State-sponsored cyber threat actors are becoming more aggressive, combining disruptive network attacks with online information campaigns to influence public opinion and intimidate populations.

2. Ransomware: Ransomware remains the top cybercrime threat, particularly targeting Canada's critical infrastructure. The Cybercrime-as-a-Service model is contributing to the resilience and prevalence of ransomware attacks.

3. AI and Cyber Threats: The report highlights the growing impact of artificial intelligence (AI) in amplifying cyber threats. AI is being used to enhance the sophistication of attacks, making them harder to detect and mitigate.

The release of the National Cyber Threat Assessment 2025-2026 by the Canadian Centre for Cyber Security underscores the importance of staying vigilant and proactive in the face of evolving cyber threats. By adopting the recommended best practices, individuals and organizations can enhance their cybersecurity posture and better protect themselves against potential attacks.

For more detailed information, you can read the full report here.

Cybersecurity Practices to Consider for 2025

In light of the findings from the NCTA, it is essential for individuals and organizations to adopt robust cybersecurity practices. Here are some of the best practices recommended for 2025:

1. Adopt Extended Detection and Response (XDR): Integrating XDR solutions can enhance threat detection and response capabilities, providing a more comprehensive security posture (Desai, 2025).

2. Prioritize Cyber Hygiene: Establishing a routine of cyber hygiene is crucial. This includes regular software updates, strong password policies, and continuous monitoring of network activities (Coursera.org, 2025).

3. Strengthen Supply Chain Security: Ensuring that all third-party vendors and partners adhere to stringent cybersecurity standards can help mitigate supply chain risks (Desai, 2025).

4. Invest in Cybersecurity Education and Training: Continuous education and training for employees at all levels can significantly reduce the risk of human error and improve overall security awareness (Coursera.org, 2025).

5. Explore Quantum-Resistant Encryption: As quantum computing advances, exploring and implementing quantum-resistant encryption methods will become increasingly important to protect sensitive data (Desai, 2025).

Cybersecurity Breach of PowerSchool Impacting Schools across Canada

In a recent cybersecurity incident, PowerSchool, a widely used student information system, experienced a significant data breach affecting multiple school divisions across Canada (Laroche, 2025). This breach has raised concerns about the security of sensitive student and staff information with broader implications for educational institutions.The breach was first discovered on December 28, 2024, and has since been confirmed to affect several regions, including the Cape Breton-Victoria Regional Centre for Education in Nova Scotia (Laroche, 2025). The unauthorized access resulted in the theft of personal information belonging to current and former students, as well as staff members.

Impact on Schools and Students

The compromised data includes sensitive information such as birthdates, addresses, emergency contact details, and sibling information (Loverin, 2025). This breach has disrupted the operations of affected schools, causing significant concern among parents, students, and staff. According to Swan Lake-area Prairie Spirit School Division Superintendent Cheryl Mangin, "a fee was paid by PowerSchool SIS to delete the data and keep it from being released" suggesting a ransomware attack (Loverin, 2025) . Government agencies have been working with PowerSchool and cybersecurity experts to assess the full extent of the breach and mitigate its impact.

Response and Mitigation Efforts

In response to the breach, the affected school divisions have taken several steps to address the situation:

1. Notification and Transparency: Schools have promptly informed affected individuals about the breach and the potential risks involved.

2. Enhanced Security Measures: Immediate counter measures have been implemented to strengthen the security of the PowerSchool system and prevent further unauthorized access.

3. Collaboration with Experts: The Nova Scotia government and other affected regions are collaborating with cybersecurity experts to conduct a thorough investigation and ensure that all vulnerabilities are addressed.

Broader Risks and Lessons Learned

This incident highlights the growing threat of cyberattacks on educational institutions and the need for robust cybersecurity measures. Schools are increasingly becoming targets for cybercriminals due to the vast amounts of personal information they hold (Wong, 2025). The breach underscores the importance of:

1. Regular Security Audits: Conducting frequent security audits to identify and address vulnerabilities in school information systems.

2. Cybersecurity Training: Providing ongoing cybersecurity training for staff and students to enhance awareness and preparedness.

3. Investment in Technology: Investing in technologies such as multi-factor authentication and security practices to protect sensitive data and ensure the resilience of educational institutions.

The Impact in Alberta

According to news sources, this breach has impacted Alberta school boards including Calgary Board of Education (CBE), Edmonton School Board, and Rocky View School Division (ctvnews.ca, 2025). If you are a parent of a student potentially impacted, you should have received a communication from your school board detailing the incident. The cybersecurity breach of PowerSchool in Canada serves as a reminder of the critical importance of cybersecurity in the education sector. 

source: cyfirma.com

US Government Considers Banning TP-Link IoT Devices and Routers: A Security Concern

In recent developments, the US government is contemplating a ban on TP-Link IoT devices, routers, and other networking equipment (Irwin, 2025). This move stems from growing concerns over national security and the potential risks associated with using devices from the Chinese manufacturer. This article explores the reasons behind the proposed ban, its implications, and the broader context of cybersecurity in the IoT landscape. The primary driver behind the potential ban is the security vulnerabilities identified in TP-Link devices. US federal agencies, including the Commerce, Defense, and Justice Departments, are investigating TP-Link for possible security risks (Irwin, 2025). These concerns are not unfounded, as TP-Link routers have been implicated in several high-profile cyberattacks, allegedly linked to Chinese state-sponsored hacking groups.

Market Dominance and Impact

TP-Link has a significant presence in the US market, with its routers making up a substantial portion of home networking devices (Irwin, 2025). The company's dominance has grown considerably since the pandemic, raising concerns about the widespread use of potentially vulnerable devices (Supan, 2025). A ban on TP-Link products could have far-reaching implications for consumers and businesses alike, potentially leading to increased (or replacement) costs and disruptions in the supply chain.

Consumer and Business Implications

For consumers, a ban on TP-Link devices could mean having to replace existing equipment with alternatives from other manufacturers. This transition may come with additional costs and potential compatibility issues (Singh, 2025). Businesses, particularly those relying on TP-Link for their networking needs, may face operational challenges and increased expenses as they adapt to new solutions. The US government's consideration of a ban on TP-Link IoT devices and routers underscores the importance of cybersecurity in today's interconnected world. As investigations continue, it remains to be seen how this potential ban will unfold and what measures will be taken to protect national security while balancing the needs of consumers and businesses.

In researching this article, I enjoyed Matt Brown's YouTube channel to understand the exploitability of a TP-Link IoT device in practice.