The Candian government has confirmed that one of its websites was hit by hackers. The Statistics Canada website was hacked and taken offline for over two days, according to reports. In the aftermath of the cyberattack parts of the Canada Revenue Agency's (CRA) site was also reportedly taken offline by authorities as a precaution.
Authorities claim that the CRA site was not hacked. However, it contained the same bug that affected the Statistics Canada site and it led authorities to shut down the site at the height of tax season. Hackers reportedly exploited the newly uncovered bug in Apache Struts 2 software, which is commonly used in government websites as well as by banks, retailers and other organisations, to hack into the Statistics Canada site.
"In the last 48 hours, the CRA has worked around the clock with other government departments to implement a solution to address the vulnerability," CRA spokeskesperson Patrick Samson told The Globe and Mail. "We are now confident that the solution has been rigorously and successfully tested and services returned online. We took this action as a precaution, not as the result of a successful hack or breach."
"These types of vulnerability reports are issued daily.Some hackers on the internet were actively attempting to exploit this vulnerability," said Scott Jones, Deputy Chief of IT Security in Canada's Communications Security Establishment, the country's NSA analogue, during a call with media outlets, Motherboard reported.
According to Statistics Canada's communications director Gabrielle Beaudoin, the hack did not result in the loss of data. "We have data tables, publications [on that server]," Beaudoin said, adding that no personal or sensitive information was available. "It's all information that's already in the public domain, but there was an intrusion on that server."
The bug surfaced last week following which the Apache Software Foundation issued out a fix, warning that unpatched systems could be vulnerable to hackers, who could gain remote control over a web server, Reuters reported.
Chris Wysopal, Veracode CTO said that bug can allow hackers to steal data and shut down a website. "This vulnerability is super easy to exploit. You just point it to the web server and put in the command that you want to run," he added.
Canadian government security official John Glowacki claimed that some other nations "are actually having greater problems with this specific vulnerability," refraining to mention the countries or further discuss the issue. "We went after this one specifically because we recognized there was a specific and credible threat to certain government IT systems," he added.
The identity and motive of the hackers still remains unclear.