The Canada Revenue Agency (CRA) headquarters Connaught Building is pictured in Ottawa last Monday, two days after the agency shut down online operations because of cyber attacks. Online operations have now returned to normal, allowing Canadians to access the agency, a key resource in the battle to stay solvent as the country deals with COVID-19. (THE CANADIAN PRESS/Sean Kilpatrick

After cyber attacks, online access returns at Canada Revenue Agency

Canadians can once again connect online with the Canada Revenue Agency, a key element in the fight to stay economically solvent as the country copes with COVID-19.

The agency says all its services are up and running following a series of cyber attacks that compromised the personal information of thousands of Canadians.

The CRA disabled online services and applications last Saturday after hackers used thousands of stolen usernames and passwords to fraudulently access government services in three separate breaches.

About  5,600 accounts were affected.

A Canada Revenue Agency homepage is shown on a computer in Montreal, last Sunday, a day after the agency shut down online access. THE CANADIAN PRESS/Graham Hughes)

Officials say they were able to re-launch the CRA’s business portal, “My Business Account,” on Monday.

All other services resumed at 5 p.m. on Wednesday.

“The CRA sincerely regrets the impact that these cyber security incidents have had on Canadians. CRA personnel, and our partners, have quite literally been working around the clock to combat the recent attacks, to make sure Canadians’ personal information is safe, and to restore access to services on which Canadians rely,” the revenue agency said in a statement.

The agency says it has modified all its security systems to protect against future cyberattacks and says all individuals affected by the breaches will receive a letter explaining how to confirm their identity in order to protect and restore access to their account.

Government of Canada officials are seen last Monday providing an update on recent cyber attacks against government online services during a technical briefing on Parliament Hill in Ottawa. (THE CANADIAN PRESS/Sean Kilpatrick)

The hackers obtained the information through “credential stuffing,” a type of attack where attackers obtain username and passwords that have been used on other websites.

The agency urged everyone using its online services to update their accounts with unique passwords they don’t use for any other purpose.

It also recommended all CRA “My Account” users enable email notifications, as an additional measure of security.

Users can also opt to use a new security feature that will allow them to set up a unique personal identification number to open an account.

The first of three attacks last week took aim at the GCKey service, which is used by about 30 federal departments and allows Canadians to access services like the My Service Canada account.

By using the previously stolen usernames and passwords, the hackers were able to fraudulently acquire about 9,000 of the some 12 million GCKey accounts.

The  CRA’s system was also hit by the credential stuffing attacks to access the CRA portal, exploiting a vulnerability that allowed them to bypass the CRA security questions and get into thousands more accounts.

As well, the CRA portal was directly targeted with a large amount of traffic trying to attack the services through credential stuffing.

With files from The Canadian Press, CBC News (Raisa Patel, Philip Ling, Ryan Patrick Jones), RCI

Categories: Economy, Internet, Science & Technology
Tags: , ,

Do you want to report an error or a typo? Click here!

For reasons beyond our control, and for an undetermined period of time, our comment section is now closed. However, our social networks remain open to your contributions.