Francois Dicaire (left to right), deputy assistant commissioner IT for the Canada Revenue Agency, Gabrielle Beaudoin, director general of communications for Statistics Canada, Scott Jones, assistant deputy minister, IT Security at the Communications Security Establishment, John Glowacki, chief operating officer of Shared Services Canada, and Jennifer Dawson, deputy chief information officer, Treasury Board Secretariat, give a technical briefing on an internet security vulnerability affecting Government of Canada websites in Ottawa on Monday, March 13, 2017. THE CANADIAN PRESS/ Patrick Doyle

Gov’t acted ‘within hours’ of website security breach

OTTAWA — A security breach at Statistics Canada’s main website prompted the government to shut down a number of services over the weekend, including electronic tax filing at the Canada Revenue Agency, officials confirmed Monday.

That shutdown helped to ensure that the private information of Canadians was never compromised, officials said during a briefing to explain why the statistical agency’s site and that of the CRA had been largely unavailable.

Federal IT security officials were made aware of a bug in a computer program widely used by the federal government late Wednesday, Shared Services Canada’s chief operating officer, John Glowacki, told the briefing.

But it wasn’t until Thursday, after a breach was discovered at Statistics Canada, that the plug was pulled on the agency’s web servers.

“Thursday, at about midday, the StatCan information came to light … based on a variety of systems we have scanning the environment,” Glowacki said.

“Within, I’d say, three to four hours … (from) when we recognized that there was activity on the server that wasn’t authorized, it was taken offline.”

That action launched a cascade of events that resulted in online services at the Canada Revenue Agency being shut down as well.

The tax agency took several of its web-based services offline as a precaution Friday as IT experts scanned other government departments to see whether they could be affected by a problem that was detected in computer servers used by websites worldwide.

By late Sunday, CRA reported it had fixed its systems, tested for the vulnerability and brought the services back online.

The CRA services affected by the shutdown included “My Account,” “My Business Account,” “Netfile,” “EFILE” and “Auto-Fill My Return.”

Statistics Canada’s main website, which officials described as a “soft target,” was also back up and running by late Sunday.

Officials maintained that no personal data had been compromised before CRA took what they described as a preventative measure.

“There was unauthorized access to our web server,” Gabrielle Beaudoin, director general of communications at Statistics Canada, confirmed. “That server does not contain any personal or sensitive information.”

The government also insisted that all affected departments “acted very quickly” to deal with the issue.

IT news website ArsTechnica reported last week that the vulnerability had been identified by the international cybersecurity community as early as Monday, and that by mid-week hackers were escalating attacks on websites using a code-execution bug in the web application framework known as Apache Struts 2.

The “critical vulnerability” allowed hackers to take almost complete control of web servers used by banks, government agencies, and large Internet firms.

Despite a patch being made quickly available, hackers were still exploiting the bug throughout the week to inject their own commands into servers that had not yet installed the update, said ArsTechnica.

Researchers at Cisco Systems said they had seen a “high number of exploitation events” by hackers attempting to carry out a range of malicious acts.

Attackers were injecting commands into web pages to prevent firewalls from protecting the servers, allowing malware to be uploaded that could, among other things, hide their real IP address during Internet chats or cause a denial of service.

“These are several of the many examples of attacks we are currently observing and blocking,” Cisco’s Nick Biasini wrote on the Hack Players website.

“The payloads being delivered vary considerably, and to their credit, many of the sites have already been taken down and the payloads are no longer available.”

Canadian officials said Monday that other countries that had not responded quickly to the vulnerability were facing more serious breaches, although they wouldn’t say which countries.

While a forensic investigation has been launched into who breached the Statistics Canada website, and from where, it may be impossible to nail down a specific hacker, or to even identify the country where the attack originated, said Scott Jones, assistant deputy minister, IT Security at Communications Security Establishment, Canada’s electronic spy agency.

“Country of origin is really misleading,” said Jones. “You can always pretend to be from somewhere.”

The government operates roughly 26,000 computer servers attached to “millions” of devices, spanning dozens of federal departments, said Jones.

Security officials are also alerted to multiple potential computer software threats daily, but not all of them pose a serious risk, he added.
