[BreachExchange] The Canadian Government Has Been Hacked, And Experts Say Many More Hits Are Coming

Inga Goddijn inga at riskbasedsecurity.com
Wed Mar 15 20:41:16 EDT 2017


http://www.pymnts.com/news/security-and-risk/2017/the-canadian-government-has-been-hacked-experts-say-many-more-similar-hits-are-coming/

The Canadian government was forced to pull the plug on its website for
filing federal taxes after it became clear that cybercriminals had broken
into the statistics bureau last week. The hack was reportedly made possible
by a newly-disclosed bug in the software.

Statistics Canada says the good news is that the intrusion was stopped
before any data when out the door.

The bad news is this is the first major hack attributable to a bug in
Apache Struts 2 — software that is often used on government, bank and
retail websites. Or, at least, this is the first known hack — various
security firms believe more of these are coming because the exploit in
Apache Strut 2 is easy to tap into and widely publicly known since word of
it started appearing on security and hacking websites last week.

Techs are now working double-time to patch that hole around the world,
Chris Camacho, chief strategy officer with cyber intelligence firm
Flashpoint, told Reuters.

He said the vulnerability was actively being exploited by hackers, though
offered no additional details.

The vulnerability was first found a week ago when the Apache Software
Foundation released an update to fix the bug, saying it could enable
hackers to gain remote control of a web server. Once the server is
controlled via the bug, hackers can steal data, access the victim’s website
or just crash the site entirely.

“This vulnerability is super easy to exploit,” Chris Wysopal, chief
technology officer with security software maker Veracode, said. “You just
point it to the web server and put in the command that you want to run.”
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20170315/7a5d84ed/attachment.html>


More information about the BreachExchange mailing list