Idealogical Systems Inc.

Top 4 Learnings From CRA Cybersecurity Incident August 2020

August 17, 2020 | Idealogical News

Top 4 Learnings From CRA Cybersecurity Incident August 2020

During the week of August 10, 2020, Government of Canada announced encountering three different cyberattacks, which led to the shutdown of their online services for days.

The only reason the attackers were successful with three different cyberattacks on CRA is because Canadians reused their credentials for various portals and undisclosed holes in CRA’s security infrastructure (unpatched configuration).

CRA service shutdown status aug 18 2020


For small businesses, stalling business operations for days is not an option.

Here are some of the precautions you can take top protect yourself from cyberattacks:

Have Mandatory Password Policy

Enforce a mandatory organization-wide password policy that includes guidelines for compulsory password resets, complex password rules and training on password hygiene.

Set-up Two-Factor Authentication

Two-factor authentication adds another layer of protection to your login systems, where you are required to add a secondary authentication on top of your username and password. Read more about 2FA here.

It is proven that multi-factor authentication and encryption are the biggest hacker obstacles against hacker attacks that happen every 39 seconds.

Initiate 24/7 Dark Web Monitoring

Illegal trade of stolen personally identifiable information (PII) is an explosive market. The truth of the hour is that the dark web has become the Walmart of cybercrime where credentials are sold for as low as $1.

One of the top defenses against credential theft or credential stuffing is to activate a 24/7 dark web monitoring for your organization. Where your IT security experts can proactively monitor, detect and investigate potential threats, and neutralize them as quickly as possible.

Prepare A Business Continuity Plan

At Idealogical, we do not consider cybersecurity an IT issue but consider it a business risk. That is why we have a written Business Continuity Plan for all our clients which prepares us for ‘when’ a client is attacked we have a well-written plan ready to be deployed.

If you have questions or concerns about your business security, reach out for help at or visit our cyber security page

Back to all blogs