Philippine government websites defaced – How do you prevent them?
Last week, we saw four websites of Philippine government agencies defaced by crackers. The sites of the Department of Health (DOH), Department of Social Welfare and Development (DSWD), National Disaster Coordinating Council (NDCC), and Department of Labor and Employment (DOLE) were all defaced.
Defacing websites is not new; it happens every day. But it’s a big story when government websites are defaced. Why? Because it’s a government website. One would expect a government to protect its territory – be it online or in the real world.
In a TV interview, National Computer Center (NCC) Director-General Tim Diaz de Rivera said that the incident is more of an embarrassment to the government than anything else. De Rivera added that no sensitive data was compromised during the hacking incident. Malacanang, on the other hand, is looking into the matter and said that they are treating the incident seriously.
So let’s take a closer look at why people do such a thing. There are a couple of reasons – the promotion of an ideology, revenge, bragging rights or perhaps just a challenge. Is it difficult to deface a website? Not really. One only needs to understand IT security theories and have some patience. Tools that assist in such acts are widely available for free on the internet.
Defacers can also exchange code or information in IRC channels, private forums and servers, and through instant messengers. They can create botnets (software applications that run automatically to perform specific tasks over the internet) and look for vulnerable web servers. Once one is found, the script can be executed and you have a defaced website or, much worse, a compromised server.
How is it done? Normally it takes the following sequence of tasks: Footprinting, scanning, enumeration, penetration, attack, covering of tracks and installation of backdoors.
Now why is this happening? I only have one answer here, and it’s not that we have genius crackers – it’s that we have irresponsible and lazy system administrators and web developers. In other words, “negligence” is the main reason why these crackers were successful in defacing websites. And the online image of our government is at stake here. It’s like allowing people to vandalize our online space.
So how do you prevent this from happening? Here are some guidelines:
1. Make website security a priority. Start with ensuring that all servers are physically secure. Server hardware and communications equipment should be locked in an area that is only accessible by authorized personnel.
2. Focus on web server security. To secure your server platform, apply regular updates and patches to your operating system, web server program and any other applications running on the machine. In addition, you should make sure that any important data stored on or exchanged with the server is encrypted.
3. Conduct routine security tests. Go on the offensive by putting a security system in place that searches for vulnerabilities on a regular basis.
My advice to all government agencies, and to all people and entities with websites for that matter: treat your website seriously, not just as an online brochure. It is an extension of you, your group and/or your company. What happens to your site says a lot about you. Do not allow anyone or any group to mess around with your property. And your website is your property.
Remember – security is not a product, it is a procedure.