The CRA “is working diligently to restore access to all services as quickly as possible,” spokesperson Sylvie Branch wrote in an email.
But the CRA won’t say when it expects this to be the case, only that a “forensic analysis related to recent cyber incidents continues.”
The CRA discovered suspicious activity on approximately 48,000 accounts after the two ‘credential stuffing’ attacks in June and August, which took advantage of the fact that many people use the same credentials for multiple services, the Treasury Board of Canada said earlier. this month.
Jose Manuel Fernandez, a professor at the Polytechnic University of Montreal who teaches computer security, said it takes time to investigate cyber attacks and fix vulnerabilities.
“These systems are very complex,” he said. “The industry as a whole has a terrible track record of creating reliable, bug-free software that can be exploited. ”
He said it was common for organizations to limit access to certain services while they were investigating, comparing it to the police yellow tape around a crime scene.
An organization like the CRA may also limit the ability of users to make certain changes to reduce the risk of stolen information being used for fraudulent purposes.
The CRA has said the COVID-19 pandemic is not slowing its response.
“The fact that many CRA employees work from home does not affect the ability of the CRA to provide full functionality online,” said the Directorate.