Canadian Government Shuts Down… Cyber Attack

Canadian Government Shuts Down... Cyberattack

The Canadian government said it was forced to shut down most of its online portals on the weekend after a sustained cyberattack over the last several days.

At one point over the weekend, Canadian officials disclosed they detected as many as 300,000 attempted attacks to access accounts on at least 24 government systems.

“Early on Saturday morning a CRA (Canadian Revenue Agency) portal was directly targeted with a large amount of traffic using a botnet to attempt to attack the services through credential stuffing,” said Marc Brouillard, acting Chief Information Officer for the government of Canada.

READ ALSO| Canadian Sentenced To Death In China For Drug Smuggling

“Out of an abundance of caution the CRA portal was shut down to contain the attack and implement measures to protect CRA services.”A “credential stuffing” attack is one in which stolen usernames and passwords are mined to fraudulently access personal accounts.

In total, more than 11,000 out of 12 million personal accounts were compromised, including tax accounts and online portals accessing Covid-19 relief programs. Government officials say they hope to have online services restored by Wednesday.

“The credentials used in the attack came from previous, non-government of Canada data breaches. They were effective because Canadians reused old passwords on government of Canada systems,” said Scott Jones, head of Canada’s Centre for Cyber Security, adding, “the accounts that used unique, strong passwords remain secure.”Jones noted it is rare for his agency to either confirm or comment on the existence or nature of such a security breach.

Officials stressed that this was what they characterize as a “front door” attack, in which Canadian account holders’ usernames and passwords were compromised because they were previously stolen from other non-government accounts.”This is not an attack where hackers are trying to do [it] through the backdoor.

READ ALSO| Canadian PM Fires Ambassador To China After Remarks On Huawei Case

They are going into the system just like normal users, they are applying credentials just like normal users, so it’s very hard to detect that pattern from all the good traffic,” Brouillard said.

However, officials acknowledged a vulnerability in government security software that has since been detected and repaired.The RCMP is now investigating and officials said they could not comment on whether the attack originated inside or outside of Canada.

A record number of Canadians were accessing Canadian government online portals in order to apply for and receive government aid during the pandemic.

What do you think?

Ronald Koeman Says Barca Release Clause In His Contract Has Caused An “Ugly” Situation

Ronald Koeman Says Barca Release Clause In His Contract Has Caused An “Ugly” Situation

BREAKING: Nigeria Records 410 New Cases Of COVID-19, Total Infections Near 50,000

BREAKING: Nigeria Records 410 New Cases Of COVID-19, Total Infections Near 50,000