Canada recently suffered a setback fighting its reputation as a global money laundering hub. Financial Transactions and Reports Analysis Centre of Canada (FINTRAC), the country’s financial crimes intelligence agency, disclosed a cyber incident in March. Nearly two months later, the country’s financial crimes intelligence agency still hasn’t got 100% of its systems back up and running.
Canada’s Financial Crimes Agency Suffers Hack
The agency has been fairly tight lipped about the incident, but they began dealing with it on March 2. They publicly disclosed the incident on March 3, stating they took the agency’s corporate systems offline as a security measure. The incident didn’t involve any of the agency’s intelligence or classified systems.
On March 22, FINTRAC provided an update on a cyber security incident audit. Conducted with the Canadian Centre for Cyber Security (CCCS), the country’s cyber security response unit, they stated there was no evidence information was “removed” or “lost” from the system. Carefully selected terms that don’t necessarily clarify what was accessed, or what the ongoing issue is.
FINTRAC Still Hasn’t Got All of Its Systems Back Online
Despite the audit and rounds of “everything is fine,” not a lot has been disclosed. The suspected origin of the hack is still a mystery. That said, everything doesn’t seem to be okay, since FINTRACs systems aren’t back to 100% operational a month after the results of the audit were made public.
On Friday, a representative confirmed three systems remain offline—Web Reporting, Batch Transmission, and Money Services Business Registration.
The Web Reporting system is primarily used by low volume users to submit:
- Suspicious transaction reports;
- Large Cash transaction reports;
- Non-SWIFT transfer reports
- Casino disbursement reports
- Large virtual currency transaction reports
The Batch Transmission Software is used for larger reporting tasks involving:
- Suspicious transaction reports;
- Large Cash transaction reports;
- Electronic Funds Transfer Reports
- Casino disbursement reports
Reporting agencies can still use the API for directly integrated systems for Suspicious Transaction, Large Cash, and Large Virtual Currency Reports. However, some types of reports, such as Electronic Funds and Casino Disbursements, won’t have APIs until mid-June.
“For businesses reporting through API, there are no changes or delays,” explained a FINTRAC spokesperson by email.
Adding, “For those who are unable to report through API, FINTRAC has informed them that they must continue to identify and document all reportable transactions and be prepared to file them once systems are restored.”
The backlog comes as the agency has seen a significant increase in reporting, and a decline in investigations. It’s so far been unclear if this is due to a rise in suspicious activity, or increased noise from policymakers requiring more agencies to report to FINTRAC.
Few other details have been released on the attack. No suspected country of origin, alleged hacking groups, or even the software vulnerability exploited. Scarce details also make it unclear why hackers would target the corporate system of a financial agency.
Canadian government agencies and personnel data has seen a recent uptick in targeting. In November, Canada’s privacy watchdog began an investigation on a breach involving the data of former and current members of the country’s armed forces and the RCMP, its national police force. At least some data was subsequently leaked on the dark web, according to a notice sent to RCMP employees.
In February, the same watchdog also announced it was looking into a breach of users at Global Affairs, the country’s diplomatic and consular services. The RCMP was also hit again that month.
