Earlier in August of 2020, it was announced that the CRA was the victim of a massive cyberattack. At the time of this blog post, 5,500 breached accounts. This caused them to shut down the CRA portal to protect your protection.
They used a common tactic; previously breached credentials. This is something we have seen in IT for years, but this is the first time such a significant attack against a government service.
Unfortunately, cybercrime is big business, literally a billion-dollar industry. Due to COVID-19 and the government helping us with CERB payments, it made the CRA a lucrative target.
You are probably wondering, how did these 5,500 accounts get breached? There are many proximate causes, but the ultimate cause, our bad habits; people are reusing passwords. When these passwords are breached, the hackers then use them to go “credential surfing”.
It’s a simple thing, hackers buy password lists from the dark web. Sometimes, it’s when a trusted website you use gets hacked like Linked In was in 2012; other times, it’s when people fall for phishing emails like this more recent Netflix attack.
They then use this list of username and passwords and ‘surf’ the internet trying to log into as many websites as they can, once they find one they will either resell it, or use it to to access the service. In the case of the CRA, the likely target of this hack was to apply for CERB payments in your name, while directing them to their bank accounts.
How can we protect ourselves?
- Get a password manager; and don’t reuse passwords.
- If possible, enable MFA on your sensitive accounts.
- Get regular dark web scans from your professional IT service partner, or trusted sites like haveibeenpwned.com.
- Talk to your bank about credit monitoring services.
It’s likely that in the future if your account was breached, you will receive a notice from the CRA letting you know. It is always recommended to check your credit report (something that is wise to do, at least annually) or talk to your bank about identity protection services.
If your account was breached, it’s possible they can use this information to perform identity theft and open new credit accounts in your name.