Why Real-Time Breach Remediation Matters

By: Absolute Editorial Team | 3/28/2017

Do you have the tools you need for always-on visibility and real-time remediation to protect enterprise devices, data, applications and users -- whether on or off the network? Here's why it's important...

Earlier this month, the Canada Revenue Agency (CRA) took down its online services after discovering an “internet vulnerability that affects some computer servers used by websites worldwide.” In response to the identification of the vulnerability, the CRA website was offline for a weekend as a precautionary measure. It was later revealed that the vulnerability involved an Apache Struts 2 vulnerability, a critical vulnerability that attracted a massive number of attackers.

According to the CRA, a hacker broke into the CRA’s website but was unable to “get inside” CRA systems to breach any data. John Glowacki, chief operating officer of Shared Services Canada, said the Apache Struts 2 software vulnerability is a world-wide problem that posed a “specific and credible threat” to certain government IT systems.

Absolute’s Global Security Strategies, Richard Henderson, went on air with CBC News Network to talk about the CRA’s actions in addressing the security vulnerability.

“The CRA is in the business of being risk averse: they’re responsible for controlling the most sensitive and precious data of our lives, our social insurance numbers and our tax returns and our banking information.”

“We were aware of a vulnerability in something called Struts, which is part of the Apache web application framework. When you and your Internet browser talk to a site, whether it’s Google or the CRA, you connect with the web server and the web server sends back the pages. We became aware of a vulnerability in a piece of software that is used by the CRA. In an abundance of caution, the CRA shut things down until they could figure out how much they were vulnerable to this issue.

“The vulnerability is such that if i were to create codes and take advantage of what is happening with these Apache servers, they could steal data from the CRA or even worse, install malware on people filing income tax returns.”

As Richard noted in the interview, the CRA has precedence for being proactive with security vulnerabilities, which is unusually positive in this era of mega data breaches and the negative PR associated with delayed responses to security incidents.

John Glowacki, Chief Operating Officer of Shared Services Canada, noted that the centralized enterprise approach to data in Canada (under Shared Services Canada) allowed for a rapid approach to addressing the vulnerability. It was inferred that other countries have had greater difficulties in addressing the vulnerability.

We applaud the CRA for taking proactive steps to remediate this security threat.

 Visibility and Real-Time Remediation

Absolute combines our cloud-based Data & Device Security with patented, embedded Persistence technology to give enterprises uncompromisable visibility over the endpoint -- and the ability to target-harden your endpoint security layers against insider or malicious attacks.

Endpoints are one of the top breeding grounds for data breaches -- Absolute offers an unprecedented new level of control. Learn more at Absolute.com

Financial Services