Quebec Closes 3,992 Websites As “Preventive Measure” After Discovery of Security Flaw

MONTREAL – Quebec shut down nearly 4,000 of its websites on Sunday as a preventive measure after the government discovered a major security breach affecting computer systems around the world.

The minister responsible for digital transformation and access to information, Eric Caire, explained that all sites are analyzed for possible threats caused by the “Log4j” flaw. Log4j is a Java-based logging utility widely deployed and used around the world, and the federal government issued a warning on Friday that “active scanning and exploitation of this vulnerability has been observed.”

“On Friday 10, we received, like everyone else on the planet, a progress report on a computer security breach which affects many systems,” Cairo said at a press conference.

The flaw “allows an attacker to break into a server” then to introduce malicious code and thus “to take control of the server” and all the data it contains.

The offending item is part of a widely used open source Apache library. Fortunately, there is a fix to fix the security issue.

“We have to analyze all of our systems,” Cairo said. “We’re sort of looking for a needle in a haystack.”

He added that no activity was detected suggesting that a hacker entered the system.

“It is a preventive decision, not a reactive one,” Cairo said.

The government has closed 3,992 sites and some are back online. The websites of the Ministries of Education and Higher Education were not accessible on Sunday.

Comments are closed.