Canada was forced to shut down most of its online services over the weekend following an extended multi-day cyberattack on its servers. Online services were temporarily suspended to protect millions of personal accounts from being accessed.
Officials revealed that as many as 300,000 attempted breaches to access government and personal accounts were made at over 24 different government systems. On Saturday, the country's tax collection agency, the Canadian Revenue Agency (CRA), was specifically targeted by a barrage of botnet attacks. Canada's chief information officer, Marc Brouillard, revealed that the attack was using a method called "credential stuffing" to overwhelm the network.
As a precaution, all of the agency's systems were temporarily shut down. While the systems were offline, technicians quickly implemented digital security measures to contain the attack and protect the systems from further damage. The type of attack attempted to access millions of personal accounts using usernames and passwords that were previously mined from another source.
According to CRA officials, more than 11,000 out of the 12 million personal accounts on its systems were compromised. The affected tax accounts included names, addresses, and other data of individuals and businesses. The head of Canada's Center for Cyber Security, Scott Jones, noted that the usernames and passwords that were used during the attack may have been gathered from previous breaches on non-Canadian government systems.
Most of the accounts that were compromised were typically those owned by people or businesses that use the same usernames and passwords for all of their online transactions. Accounts that used unique and strong passwords have remained secure.
The "front door" attack essentially used automated software to log in to accounts using the mined usernames and passwords, which made it very difficult for the system to discern which traffic was fraudulent. Investigators have yet to determine whether the attack originated from inside Canada or if it was done overseas.
Canada expects most of its systems to be back online by Wednesday. This will include the online portal being used by Canadians to access the government's coronavirus relief programs. Several vulnerabilities in the network's software are being beefed up to avoid further attacks. Experts have advised Canadians to check their accounts and to change their passwords to stronger and unique ones as soon as possible.
