Connect with us


How to practise ‘cyber hygiene’ after CRA breach



As a recent breach of 5,500 accounts with the Canada Revenue Agency (CRA) has shown, personal hygiene isn’t the only thing Canadians need to worry about during this pandemic.

According to Ritesh Kotak, a digital technology expert, it’s important to keep up with your “cyber hygiene” as well to ensure you don’t become a victim of digital fraud.

The CRA temporarily suspended its online services on the weekend in response to the cyberattack. The agency, which has been used by thousands of Canadians during the pandemic to apply for the $2,000-per-month Canada Emergency Response Benefit (CERB) for COVID-19, said the attack was a “credential stuffing” scheme.

One victim told the Canadian Press that someone who had hacked into her account applied for CERB in her name and received funds by using her information.

But what is “credential stuffing”? And how can Canadians stay safe?

“A credential is a username and password, and stuffing is when, essentially you have these usernames and passwords and you test them against very popular sites,” Kotak told CTV News.

Hackers who have acquired hundreds of usernames and passwords will turn to bots to see if the account details allow them access to anything.

“This bot will actually go out, and it will try to input your username and password into popular sites, and if there’s a match, then the fraudster gets notified,” Kotak said.

“So the big question is, how do these hackers even get your username and password? And the most common way is through other breaches.”

If financial institutions, hotels, airlines or any place you have given your information, get hacked, that personal information, such as a username, an email address and a password, can now be accessed and shared, Kotak explained.

“And if you’re re-using your username and password, you now become vulnerable to these types of attacks.”

If the login you’ve used to book a hotel that suffers a breach is the same as your login for your bank account, or another account that contains banking details on it, these hackers can gain access to an extraordinary amount of data.

“Once you get access to somebody’s account, it is whatever information is available on that account, you now have access to it,” Kotak said. “So it could be your personal information, your financial information, your previous returns, essentially anything. And once you’re in, you can also change up information, such as your mailing address or email address to make it even more difficult for the rightful owner to gain access back to their account.”

With this recent breach on the CRA, Kotak said it seems that the hackers were purely “after the money.”

“It seems that the motivation behind these breaches is strictly financial. It is to get as much money in a short amount of time as possible, without getting detected.”


Much like with guarding against COVID-19, the strategies you can use to avoid becoming the victim of a “credential stuffing” plot are as simple as putting on a mask or washing your hands.

Just use different passwords and usernames, Kotak says.

“It is convenient for us to use the same username and password,” he admitted. “We have maybe a hundred different accounts online, we have our email, we have data storage, we might have our food delivery apps, so we have a lot of different apps that all require usernames and passwords. And as a result, a lot of us kind of get a little bit lazy.

“Let this be a lesson on why it is important to have different usernames and passwords for different sites, so if a breach does occur, you will not be affected.”

Kotak calls it “basic cyber hygiene to have different usernames and passwords.” He emphasized that creating “strong passwords” which mix upper and lowercase letters, numbers, symbols, and avoid using “dictionary words” is also important.

However, he said the blame is not on just one person for these types of breaches.

There are other parties involved, such as the CRA, and other financial institutions, which are responsible for putting in fraud detection mechanisms to catch these schemes early on.

“This is joint responsibility,” he said. “As users, use different usernames and passwords. As the CRA, or any government entity, ensure that you put proper security measures in place, and you use some sort of anomaly detection, and same thing with these financial institutions. If we all take these steps, then these types of breaches are preventable.”

Source: – CTV News

Source link


Three Foothills units placed under 'outbreak watch' as Alberta reports 153 new COVID-19 cases – Calgary Herald



Article content continued

“A unit can be on watch without having any active patient or staff cases.”

AHS added that patients, families, staff and physicians are all notified when a unit is placed under watch.

The outbreaks at Foothills continued to grow Friday. One more patient tested positive for COVID-19, while five more hospital staff were infected. In total, positive cases in 17 patients and 18 health-care workers have been linked to the outbreaks.

More than a dozen more workers at Foothills have also been instructed to isolate, for a total of 136 staff members currently in quarantine. More than 300 staff have been tested for the novel coronavirus since the start of the outbreaks.

No new deaths at Foothills were reported Friday. Three patients have died due to the outbreaks.

AHS said all patients and almost all health-care workers linked to the outbreaks have been identified, with testing underway.

Though the Foothills outbreak continues to expand, Alberta reported Friday that a much smaller outbreak at another Calgary hospital has been declared over. An outbreak at the Peter Lougheed Centre resulted in infections of three people, all of whom have recovered.

153 new COVID-19 cases

Alberta reported 153 new cases of the coronavirus Friday, bringing the province’s total case count since March to 17,343.

The new cases came from 14,211 tests, about a 1.1 per cent positive rate. There are now 1,497 active COVID-19 cases in Alberta, an increase from Thursday. More than half of those cases (773) are in the AHS Edmonton zone.

Let’s block ads! (Why?)

Source link

Continue Reading


Alberta reports more than 100 COVID-19 cases for 16th straight day – CTV Edmonton



Alberta reported 153 cases of COVID-19 Friday as active infections increased to 1,497.

The province has added more than 100 cases every day since Sept. 9, when it reported 98 new cases.

Fifty-six Albertans are being treated for the coronavirus in hospital, including the 14 patients who are in intensive care.

Alberta did not report new deaths Friday, keeping the total at 261.

The Edmonton zone continues to have more than half of Alberta’s count with 786 confirmed cases, while the Calgary zone has 518.

Alberta has reported 17,343 cases of COVID-19 to date.

Let’s block ads! (Why?)

Source link

Continue Reading


Alberta reports 153 new cases of COVID-19, no new deaths –



Alberta reported 153 new cases of COVID-19 Friday bringing the number of active cases in the province to 1,497, up 35 from the day before.

A total of 56 people were being treated in Alberta hospitals for the illness, including 14 in intensive care.

No deaths were recorded leaving the number at 261.

Three more outbreaks at schools — Calgary’s Clarence Sansom and Glenmeadows schools and Elsie Yanik Catholic School in Fort McMurray — have been reported, bringing the number of schools with outbreaks to 35.

Outbreaks are declared when a school has two or more cases.

Five schools, with five or more cases, are on a provincial ‘watch’ list. Four of those schools are in Edmonton, with Centre High the most recent addition.

The regional breakdown of active cases was:

  • Edmonton zone: 786 up 13 from the day before.
  • Calgary zone: 518 up 23 from the day before.
  • North zone: 129 down one from the day before.
  • South zone: 41, up one from the day before.
  • Central zone: 16, down three from the day before.
  • Unknown: seven, up two from the day before.

To date 968,031 Albertans have been tested for the coronavirus. So far 15,585 have recovered from the disease.

Let’s block ads! (Why?)

Source link

Continue Reading