Cyber attacks: Several Canadian government services disrupted

CyberPanther

Level 6
Thread author
Verified
Well-known
Oct 1, 2019
295
Several services, including the national revenue agency, had to be shut down following a series of credential-stuffing attacks

Cybercriminals set their sights on the Canadian government at the beginning of August, when several government services were disabled following a series of cyberattacks. On August 15, the Treasury Board Secretariat announced that approximately 11,000 online government services accounts, originating from the Government of Canada Key service (GCKey) and Canada Revenue Agency (CRA) accounts, had been victims of hacking attempts. The GCKey allows Canadians to access the online services of several Government of Canada programs and services, including Employment Insurance services, while the CRA manages Canadians’ tax services as well as Canada Emergency Benefit (ECP) payments, a support program for employees who have lost their jobs due to the pandemic.

On August 7, CRA noticed the first signs of credential-stuffing attacks on its website. Credential stuffing means criminals try to use previously stolen credentials to log into another account owned by the same victim. Unlike a brute-force attack, bad actors therefore use previously stolen user/password combinations to access a third-party service.

Annette Butikofer, CRA’s Chief information officer, explains that the agency did not notify the RCMP until August 11, then informing the general public and suspending access to its online services on August 15. She mentioned: “We were very confident that the monitoring was good, but after [the events involving] the KEICC, we noticed an attack on Saturday and decided to block and close our portal.” The agency’s online services were restored on August 19.

 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top