11 government websites were breached by ‘VandaTheGod’
THE HACKING and defacing of 11 government websites in under 12 hours shows the need for more coordination of those who maintain these sites, said TT Computer Society (TTCS) assistant secretary Dev Anand Teelucksingh.
The TTCS had flagged the hacking of the sites by Brazilian hackers VandatheGod in a series of posts yesterday including the official website of the police and a website associated with the Office of the Attorney General.
Police head of communications Nadine Hackett said hackers attempted to hack the site but the police IT department caught it in time and prevented it. She added the police are investigating the incident.
Attorney General Faris Al-Rawi told Newsday the ministry’s official site, legalaffairs.gov.tt, was hacked but the IT department got to work and there was no reported damage to the site. He said he was awaiting a physical report on the incident.
“Attacks on websites are not uncommon, but our data systems are protected and not open to exposure. It is very carefully managed.”
He explained the user interface and portal was under attack but not the information behind that such as the registries.
“It is a, by far, less insidious attack than Cambridge Analytica proved to be.”
The legalaffairs.gov.tt site was up and running yesterday but ag.gov.tt, the site flagged by TTCS, remained unavailable.
National Security Minister Stuart Young at the post-Cabinet media conference on Thursday, confirmed the national security ministry and immigration division websites had both been hacked, but said no real damage had been done.
He said investigations have been launched to identify the source of the hacking and the sites have been shut down until the ministry can secure them and understand what happened.
VandatheGod, who has joined Twitter since January 2013 and has 2,193 followers, had taken responsibility for the hacks and retweeted a video by TTT Online with Young speaking about the hacking and also one of the posts by TTCS.
The hackers posted on the National Security Ministry website a YouTube link to to the 1995 song Pelados em Santos by Brazilian comedy rock band Mamonas Assassinas. The hackers later attacked a number of other websites and posted an image of a man wearing a Guy Fawkes mask and holding the sign “Join the Revolution, Tell Your Corrupt Government to F— Off”.
TTCS also reported attacks on the websites associated with the Tourism Ministry, Citizen Security Programme, Office of the Prime Minister Gender Affairs Division, National Energy, Telecommunications Authority of Trinidad and Tobago, Energy Ministry, Office of the Attorney General and Nedco. Up to news time yesterday the Citizen Security Programme, Immigration Division, National Security and TATT were unavailable while Nedco site was “temporarily down for maintenance.”
Teelucksingh said websites need to be secure to prevent any authorised parties from interfering with those websites. Asked if this type of hacking was unprecedented, he replied that there have been website defacements in the past but “not one where so many defaced in a relatively short time – ten hours.”
He described it as a “cookie-cutter operation” and was probably all automated.
Asked why hackers committed these acts Teelucksingh said it was likely notoriety and pointed out that VandatheGod has defaced over 3,600 websites in over two years. He also pointed out the Twitter handle is focused on government websites globally and “sticking it to the man.” On the Twitter feed, VandatheGod has posted links to hacked sites in the US and Brazil.
Originally published by: Neaves, J. (2019). HACK ATTACK. [online] Trinidad and Tobago Newsday. Available at: Newsday.co.tt