Hack targets a Canadian government website

The Canadian government just suffered an embarrassing online security breach… although it wasn’t as bad as it could have been. Officials temporarily took down key parts of two government websites, the tax-oriented Canada Revenue Agency and Statistics Canada, for days after discovering that an unknown entity hacked the statistics bureau’s website. The intruders took advantage of a recent vulnerability in Apache web server software to get in. While the CRA site wasn’t attacked, it shared the same vulnerabilities — the government took down its pages (including online filing and payment systems) as a precaution while applying patches.

The government stresses that the culprit didn’t take any personal or secret information, which would have been extremely damaging for the CRA given its tax role. However, the downtime resulting from the attack couldn’t have come at a worse time for the government and residents alike. The Canadian government’s fiscal year wraps up at the end of March, and most people have to file taxes a month later. If you needed to file taxes early or were hunting for stats to finish a report, you were stuck until officials gave the all clear.

And crucially, the Canadian hack may be a sign of things to come. Officials noted that it’s relatively easy to exploit the Apache security hole, and that there are other countries having a worse time of things. Canada dodged a bullet, to put it another way. While this was troublesome, there’s the potential for future hacks to be far more damaging.

Via: Motherboard, Reuters

Source: CRA, Statistics Canada

Source: Engadget - Read the full article here

Author: Daily Tech Whip

This article is part of our 'News Tiles' service. The site is currently in Beta. When it is fully operational you will be able to search through and arrange the 'Tiles' to display a keyword, product or technology over your chosen time period. For example you would be able to display all of the leading tech articles on the new Kindle Fire, in one spot in real time. You will also have access to our own original reporting and analysis as well as a polished place to post your own thoughts & reviews here, amongst the Daily Tech Whip Community. Please let us know if you have any feedback via the contact form or via Twitter. Don't forget to come back next week and see our full site and claim your name and your own free tech blog.

Share This Post On