Subscribe

SA govt sites hacked

Paul Vecchiatto
By Paul Vecchiatto, ITWeb Cape Town correspondent
Cape Town, 10 Oct 2005

Several South African government Web sites were defaced during the past few days and a security expert warns there is a likelihood of them being attacked again soon.

Yesterday, the www.gov.za site and several linked sites including www.gcis.gov.za were hacked and defaced by a group called "byond crew", which specialises in targeting open source operating systems.

According to the listings on the hack notice board site www.zone-h.org, "byond crew" ranks at number 49 on its list of top attackers following the group`s bout of attacks this past weekend.

The www.gov.za site was defaced with the words: "South African Government Server...hohoho - pwned by byond crew - Chile!" The word "pwned" means taken over or controlled by the group.

"The good news is that the South African government`s Web sites were cleaned up fairly quickly after the attack took place," says Barry Cribb, MD of IT security and networking company ISDigital Networks.

"The bad news is this will attract other hacking groups to see if they can do the same. This means they could find and exploit other vulnerabilities on the Web sites."

Cribb says these groups generally attack a site for the notoriety it will give them among the community, "and now they can add several more notches to their gun belts," he says.

"What is positive about these attacks is that they force governments and organisations to take their security more seriously and to implement the basic procedures such as daily updates," says Alan Levin, chairman of the Internet Society of SA.

Open source vulnerabilities

Levin expresses some surprise that the government system attacked is, according to Zone-H, an Apache server running open source operating system FreeDSB.

"Usually that is a very secure environment compared to Microsoft systems," he says.

The majority of the sites attacked by "byond crew" use Linux or FreeBSD operating systems with a few based on Windows 2000.

Spokespeople for the Government Communications and Information Service, which administers the government Web sites, were unavailable for comment at the time of publication.

Share