‘Hacktivist’ SAPS nightmare
May 23 2013 at 11:48am
By BRENDAN ROANE
By BRENDAN ROANE
Supplied
Frame grabs of the
hacked website for which @DomainerAnon claimed responsibility on Twitter. More
than 15 000 e-mails sent to the police were hacked and published online.
Johannesburg - Cyber attacks will
continue on government websites - leaving sensitive data vulnerable - unless
South Africa improves its cyber security measures.
This is the message from cyber security
experts in the wake of the news that 15 767 e-mails sent to the SAPS from the
public were hacked and published online.
These e-mails contained details of whistleblowers,
victims of crime such as rape, murder and robbery, and the names of alleged
criminals.
Hundreds of police officers’ names,
ranks and contact details were also uploaded by the hacker, @DomainerAnon, who
claimed responsibility for the cyber attacks on Twitter.
Above the list of the
officers’ details that he posted on another site, a message reads: “The reason
for this action is to serve as a reminder to the government regarding the
murders of 34 protesting miners outside the Marikana platinum mine by police. To
date no officers have been brought to justice… This situation will NOT be
tolerated.”
“Are government websites secure?” a
leading cyber security expert, who spoke on condition of anonymity, was asked.
“Hell no, no they are not,” he replied.
The expert added that most government
sites, from local government upwards, were vulnerable to hackers.
“To be very frank and honest with you,
the government does not focus on IT (information technology) security.
“This is going to open up a can of
worms. It’s shocking and it’s not going to stop.”
Access to low-cost hacking software and
other cyber-crime tools had made the potential of hacks into government sites a
more common occurrence, said cyber security expert and director of Wolfpack
Information Risk, Craig Rosewarne.
“It’s actually amazing that we’re not
seeing more of this in South Africa,” he said.
Rosewarne described a hacker who has a
political, religious or social agenda as a “hacktivist”.
“We are seeing about 60 percent of the
more popular breaches being the work of a hacktivist as opposed to hackers
doing it for financial gain,” he said.
Rosewarne added that the information
from the SAPS e-mails had been posted on a “bullet-proof site that is typically
unavailable to be taken down”.
Not all the hacked e-mails contained
sensitive data, but hundreds contained tip-offs on possible crimes and the
names of alleged criminals.
The whistleblowers’ details were also
published online, including case numbers, contact details, names of victims and
perpetrators, and, occasionally, ID numbers.
“My niece (name removed for safety) was
murdered in Pretoria on 19/01/2006. The suspect is her ex-boyfriend (name
removed for safety), who also attacked another woman,” reads one e-mail.
Another e-mail questioned why a man had
not been arrested after he had stabbed his girlfriend.
brendan.roane@inl.co.za
The Star
