Heartbleed bug causes headaches for Montreal accountants

The five days the Canada Revenue Agency’s online services were offline has made it difficult for many accountants to do their jobs.Chartered professional accountant Dan Blumer says he was able to complete tax returns for his clients, but had to wait to send them.“We have hundreds of them in cue waiting to be e-filed and as soon as the website is back up and running,” he said.

The Heartbleed bug was discovered last week, but it appears to have gone undetected for years.

Heartbleed is a glitch that affects open-source software, which is at the centre of applications used to encrypt internet communications.

It can reveal the computer’s memory, including passwords and credit card numbers.

It can also allow hackers to impersonate other servers.

It’s still unclear exactly how many websites may have been compromised.

“Because it leaves no trace, hackers can be at it all day long collecting data,” Internet security expert Terry Cutler said.

The CRA decided to shut down its web services to protect Canadians from any information leaks that may occur.

“The biggest problem we’re going to see now is that people aren’t going to trust what they are doing online, banking or online transactions,” says Cutler.

Each website has to repair the glitch itself, which could take days.

Cutler says there’s a way to check if the site you’re using has been compromised. A downloadable plug-in called Chromebleed will check if the website you’re visiting is still vulnerable to the glitch if you browse the web using Google Chrome.

Internet users should change their passwords only if they know the website they’re visiting as fixed the problem.

Now that the CRA website is back up and running, people can go online and file their taxes.

Because of the outage, the deadline to file has been extended to May 5.

• About
• Latest Posts

Terry Cutler

Founder and Chief Technology Officer at Digital Locksmiths, Inc.

Terry Cutler is the founder of Digital Locksmiths, Inc. - an IT security and data defense firm based in Montreal - and serves as the company's Chief Technology Officer. Terry is a Certified Ethical Hacker who has learned the mindset of hackers and trained in the techniques of "the bad guys" who seek to do harm to corporations and individuals alike.He is responsible for staying on top of the latest trends in cybersecurity and being an advocate for best practices in the identification and eradication of vulnerabilities that leave the customers of Digital Locksmiths susceptible to the most dangerous threats.Another one of Terry's roles is to be a thought leader for Digital Locksmiths by sharing his expert insights about effective digital security strategies and countermeasures through his writings, speaking engagements, and media interviews.

Connect with Terry on Google +

Latest posts by Terry Cutler (see all)

• Monitor, not surveillance, more important role of adults in kids’ online lives, says study. - January 24, 2015
• Terrasse-Vaudreuil’s website one of many hacked - January 24, 2015
• Crossing the “online” into cyber bullying - December 31, 2014