A number of government departments have taken some services offline as a preventative measure following the discovery of a software flaw that Defence Minister Anita Anand says “has the potential to be used by bad actors.”
Groups using the popular Apache Log4J system should “pay attention to this critical, internet vulnerability affecting organizations across the globe,” Anand said in a statement.
“Given the critical nature of this vulnerability and reports of active exploitation, we are urging Canadian organizations of all types to follow the recommended guidance,” she said, adding any incidents should be reported to the Canadian Centre for Cyber Security, part of the Communications Security Establishment.
On Friday the Canada Revenue Agency took some services offline as a precaution after it learned of a global security vulnerability. It says there is no indication its systems have been compromised or that there was any unauthorized access to taxpayer information.