Administrators forgot to install a patch that allowed a vulnerability to be exploited by hackers, causing 20 South African government Web sites to be attacked and defaced over the past weekend, says a government official.
Tony Trew, deputy CEO of the Government Communications and Information Services, which administers the www.gov.za Web site and several others, says about a week ago a new Apache server was installed and the FreeBSD operating systems and the various applications were carried across.
"However, for some reason or another, a patch, that we knew about, was not installed and this is what the hackers exploited."
Trew says the sites first went down just after midnight on Sunday, 9 October, and were fixed by about 11am that same day.
He says the patch linked in with a content management application on the server, but he did not have details on what it actually was.
Barry Cribb, MD of IT security and networking company, ISDigital Networks, says this is typical of organisations installing new systems or doing upgrades under the pressure of doing business and therefore not doing adequate testing.
"This happens with many organisations, not just government, where an installation has to be completed to a deadline and not enough thought has been given to the testing to ensure it is secure," he says.
Cribb says most hacks, or cracks, if they are malicious, are "not rocket science. They probe continuously and usually they are able to enter because someone left a door or window open for them."
He says the danger is that once a hacker shares the information with the hacker community on how it was done, "then others want to have a go".
The www.gov.za Web site is fairly busy as it is key to the South African government`s plans to bring more services to the public through the portal. According to Trew, the site measured 1.2 million page impressions during August.
Related story:
SA govt sites hacked
Share
