Friday 22 November 2013

'Hacking nothing short of terrorism' if it endangers lives

S'pore 'has to take hacking seriously'
By Tham Yuen-C, The Straits Times, 21 Nov 2013

THE recent spate of hacking incidents has to be taken seriously given Singapore's heavy reliance on information technology for many aspects of daily life, Law Minister K. Shanmugam said yesterday at a dialogue with students.

Hacking is "nothing short of terrorism" if lives are endangered, say, when air-traffic control systems are breached, he added.

Addressing some 75 SIM Global Education students at SIM University, he noted that a netizen had written that the recent hacking incidents were a "pretty mild act of resistance", and that violent action is acceptable if it was "well-targeted".

Mr Shanmugam said he was glad most Singaporeans did not hold that view.

Earlier yesterday, Minister for Communications and Information Yaacob Ibrahim expressed the same sentiment in a Facebook post, writing that "many Singaporeans have taken a stand against those who threatened our country's computer systems and websites".

Mr Shanmugam framed the recent incidents - websites belonging to the Istana and Prime Minister's Office (PMO) were among those hacked into - as just a few steps removed from bolder attacks.

Hackers could target the power grid, for example, disrupting emergency surgery in hospitals or the work of air-traffic controllers. He likened the hackers' act to that of people who threaten to set fire to others' homes to get their way.

Mr Shanmugam, who is also the Foreign Minister, touched on the topic after being asked why the Government has taken such a harsh stance on hackers even though the recent incidents did not cause serious damage.

A 35-year-old Singaporean, James Raj Arokiasamy, was charged in court last week for allegedly defacing the Ang Mo Kio Town Council website last month. Allegedly calling himself "The Messiah", he is believed to have created the Oct 29 YouTube video threatening cyber attacks in protest against the Media Development Authority's (MDA) licensing rules for news websites.

Separately, five men are being investigated for hacking into the PMO and Istana websites.

Dr Yaacob likened hacking to "someone coming into your home uninvited". "They snoop around, leave their mark or steal your valuables. They damage your property, and violate your personal privacy," he added.

Mr Shanmugam, meanwhile, said hacking government websites and disrupting state services is akin to an attack on Singaporeans since these exist for citizens' benefit. And while the recent cases resulted only in the affected websites being defaced, they could cause a loss of confidence in Singapore's IT resiliency, he added.

Asked whether enforcement efforts against hacking would encourage retaliation, Mr Shanmugam said people should expect that hacking incidents would continue.

The best Singapore can do is to protect its IT systems and learn to recover and move on from such incidents, he added.

The minister also said that MDA's rules had been "misunderstood and mischaracterised for political reasons", adding that licensing regulations had been around for over 20 years and were just being extended online to news websites.

All 13 school websites fixed after hacking
No privileged data breached; several hosted by same IT provider
By Lim Yan Liang And Rachel Au-yong, The Straits Times, 22 Nov 2013

ALL 13 school websites which were hacked into on Wednesday have been fixed, even as the authorities hunt for the culprits.

"As at 6pm, all the affected sites have been restored," said a Ministry of Education (MOE) spokesman yesterday, adding that a police report has been lodged. "No privileged information was compromised."

Checks by The Straits Times revealed that at least several of the affected websites, including those belonging to Woodlands Ring Primary and Greendale Primary, were hosted by information technology provider ACP.

When contacted, the firm's founder Alan Poh said his company is working with MOE and the police after what he termed an "injection" attack, which involves exploiting a software vulnerability.

Little is known about the individual or group operating as "Jack Riderr", the moniker used to sign off on the defaced school websites. Online checks show that it is linked to online groups going by names such as "Black Ops", "Hacker-Hacker Malaysia Bersatu", "Johor Hacking Crew" and "Malaysia Black Hat Community".

"Black hat" refers to hackers who violate computer security for malicious reasons or personal gain.

While logos of a smiling white mask and a man without a head - both associated with the Anonymous hacktivist group - also surfaced during online checks into Jack Riderr, the latest attacks do not appear to be connected to the intrusions into the Istana and Prime Minister's Office websites earlier this month. Five men are being investigated for these incidents.

On Wednesday, the Singapore Art Museum released a statement saying that e-mail addresses and phone numbers of 4,000 individuals who had participated in the museum's activities in 2011 and this year had been uploaded onto a server in New Zealand.

The school hackings also came after James Raj Arokiasamy, 35, was charged in court last week for allegedly defacing the Ang Mo Kio Town Council website last month, using the name "The Messiah".

Computer experts said that organisations, including schools, should harden their IT infrastructure against cyber attacks, and regularly test their online defences to locate potential holes.

"You don't need to be a corporation or a bank to be vulnerable," said Ms Shirley Wong, co-chairman of the Cyber Security Awareness Alliance.

She advised that tests should not just be conducted on websites accessible to the public, but also internally, "as your own employees are often the weakest link within your own intranet".

The Government has taken a strong stance against the recent spate of hacking incidents.

Yesterday, Defence Minister Ng Eng Hen urged society to send a clear message that cyber-vandalism was no different from vandalism in the real world.

"It is important that all of us are clear in this and we set out in one voice that this is not something that we tolerate," he said at a Singapore Armed Forces event.

At a dialogue with students on Wednesday, Law Minister K. Shanmugam also said cyber intrusions were "nothing short of terrorism" if they endangered lives, such as when air-traffic controls are compromised.

13 school websites hacked, museum's mailing list breached
By Leonard Lim And Pearl Lee, The Straits Times, 21 Nov 2013

THE websites of 13 schools were hacked yesterday, on a day when two ministers came out strongly against the recent cyber attacks.

Capping an incident-packed day, the Singapore Art Museum (SAM) also admitted that personal details of thousands of patrons on its online mailing list had been compromised a fortnight ago. The authorities said they were still investigating if its website had been hacked.

The school sites were reportedly hacked between 3.30pm and 5pm, the Ministry of Education said in a statement last night. "We have referred the matter to the police for investigation and are working to restore the affected websites," a spokesman added.

They were a mix of top institutions and neighbourhood schools. One - that of Raffles Girls' School (Secondary) - was operational in the evening, but the rest were still down at press time last night.

The other schools are: Bukit Timah Primary, Canberra Primary, Compassvale Primary, Greendale Primary, South View Primary, West View Primary, Woodlands Ring Primary, Henderson Secondary, Kent Ridge Secondary, Maris Stella High, St Gabriel's Secondary, and St Andrew's Junior College.

It is understood that all were hosted on the same server and maintained by the same vendor, and was hacked by a person or group signing off as "Jack Riderr".

A search on a hackers' database shows "Jack Riderr" as being from a "Johor Hacking Crew". He also posted screenshots of how the websites looked after they were defaced; they showed a man brandishing a sword with the words "Muslim Hackers" below.

When contacted, some principals said they were not aware that their schools' websites had been hacked.

Earlier yesterday, SAM said the names, e-mail addresses and, in some instances, nationalities of 4,000 individuals were illegally published on a New Zealand-based website on Nov 5.

It coincided with the day global hacking group Anonymous threatened to unleash a "legion" of hackers on Singapore's infrastructure if the Government did not revoke licensing rules for news websites.

The museum said it was unable to share information earlier as time was needed to verify and establish the extent of the incident.

Law and Foreign Minister K. Shanmugam, meanwhile, said at a forum that hacking had to be treated seriously in view of how heavily countries now rely on IT infrastructure.

Hacking is "nothing short of terrorism" if it endangers lives, like when air traffic controls are hacked into, he added.

Communications and Information Minister Yaacob Ibrahim said in a Facebook post that any cyber attack or threat is a "threat on the people", whether the intent was malicious or mischievous.

Info of 4,000 on museum's mailing list compromised
By Kash Cheong, The Straits Times, 21 Nov 2013

THE personal information of about 4,000 people on the Singapore Art Museum's (SAM) online mailing list was compromised recently, said the art museum yesterday.

The names, e-mail addresses, phone numbers and, in some instances, nationalities of these individuals were illegally published on New Zealand-based storage website nz for at least two hours on Nov 5 before the webpage containing the data file was taken down.

It is understood that no identity card numbers or credit card details were involved.

Speaking to reporters after a press conference, Mrs Rosa Daniel, deputy secretary (culture) at the Ministry of Culture, Community and Youth and chief executive officer of the National Heritage Board, said: "We take a very serious view of this incident."

She added: "What it has pointed to is for us to be vigilant and take strong measures to secure our information."

On Nov 4, the Infocomm Development Authority (IDA) got wind of a tweet by an individual named "CtrlSalad" who claimed to have "3.6k" e-mail, numbers, names and IP addresses including the Government's. It also provided the link to the website.

On Nov 5, IDA informed SAM of CtrlSalad's tweet and that its data might have been illegally published and uploaded on an overseas server.

The museum immediately lodged a police report and removed the data file stored on SAM's website.

Another tweet on Nov 5 which might have been deleted said: "Oh I love being me! Should I release the Singapore Database I've been sitting on? Hmmm... in the name of @RaptorSwagger and #TheSwagWagon."

It is not clear whether CtrlSalad is in Singapore or elsewhere but The Swag Wagon appears to be a hackers' group.

Police are working with SAM and the National Heritage Board to investigate the incident, and are not ruling out any possibilities including hacking. The Straits Times understands that police are also questioning those who had access to the compromised data.

Nov 5 was Guy Fawkes' Day, which someone claiming to be from the global hackers' group Anonymous had threatened to mark with cyber attacks on Singapore.

SAM said it was unable to alert the public earlier as investigating agencies needed time to "verify and establish the extent of the incident". The museum began contacting affected individuals yesterday to inform them of the illegally published information. These people had attended SAM's events in 2011 and 2013.

In a copy of its e-mail obtained by The Straits Times, SAM said it "sincerely apologised for what happened" and that it has "taken measures to step up our cyber security to prevent future occurrence of such incidents".

The Straits Times understands SAM has conducted back-end checks to harden systems where possible. Additional safeguards are being put in place, such as more regular vulnerability scanning of servers and applications.

SAM has also removed an online form asking subscribers for their details, and will now have subscribers e-mail them directly. The data will be stored in "more secure data centres".

The compromised data had been stored on a SAM server which runs the museum's website.

"This is a convenient way of storing data but it would be much better if institutions store personal data of customers in a separate server with more layers of defence," said the co-chair of the Cyber Security Awareness Alliance, Ms Shirley Wong.

No comments:

Post a Comment