Cybersecurity threat forces CRA website offline
Posted December 11, 2021 4:41 pm.
Last Updated December 11, 2021 11:40 pm.
The Canada Revenue Agency (CRA) says it has taken its website offline following reports of a security vulnerability affecting organizations around the world.
The CRA says the move is a proactive measure to safeguard “sensitive information online” as they work to secure the systems against any potential threats.
“There is currently no indication that CRA systems have been compromised, or that there has been unauthorized access to taxpayer information because of this vulnerability,” the federal agency said in a statement. “Our services will be available as soon as possible.”
The issue is related to a critical vulnerability in a widely used software tool that cybersecurity experts have called “the worst computer vulnerability discovered in years.”
It was uncovered in an open-source logging tool that is ubiquitous in cloud servers and enterprise software used across industry and government. Unless it is fixed, it grants criminals, spies and programming novices alike easy access to internal networks where they can loot valuable data, plant malware, erase crucial information and much more.
Metrolinx confirmed its GO Transit website was taken offline Saturday “out of an abundance of caution” as they worked to patch the issue.
“The site has been updated to protect it from this latest cyber-vulnerability regarding web-based services around the globe,” the provincial transit agency tweeted.
Files from The Associated Press were used in this report
