With Chinese online attacks staying unchecked, the Information and Communications Technology Office (ICTO) has asked system administrators of various websites of Philippine government agencies to re-evaluate their security policies to deter further hackings.
The advisory was issued by the ICTO after Chinese hackers struck once again on Wednesday, bringing down the website of the country’s weather bureau, Pagasa. Incidentally, both the ICTO and Pagasa are both under the Department of Science and Technology (DOST)
The Pagasa site was defaced at around 2 PM, but the weather bureau’s system administrators were able to put the website back online three hours later.
Although the Philippine government said that the hackers responsible for the attack came from an “undetermined origin”, they left grammatically incorrect messages that suggest of Chinese origin.
The hackers vandalized the Pagasa site with these words:
It can be noted that the email address was registered with “QQ.com”, which is said to be the most popular instant messaging site in China.
Aside from Pagasa’s website, the online site of local broadsheet The Philippine Star was also hacked on Tuesday. The company, however, was quick to restore their site in just a few minutes.
According to Louis Casambre, executive director of ICTO, the recent defacement of the Pagasa website only illustrated the patent vulnerabilities inherent on some Web platforms.
“We would like to request the system administrators of government websites to review the source code for these security flaws. A common vulnerability we have found stems from third party plug-ins used in content management systems (CMS),” he said.
The ICTO also recommended that government agencies add an extra layer of security to their websites by migrating them to secure server facilities.
Casambre said the ICTO had already taken a “definitive action to migrate all DOST websites to secure server facilities” when the defacements started almost three weeks ago.
“It is unfortunate however that the Pagasa website was hacked so soon. In light of this new development, we are looking at accelerating our on-going efforts,” he said.
Casambre pointed out that the Pagasa website was not yet hosted on DOST’s secure server when the hacking transpired. “The Pagasa website was hosted on its own Web servers, as well as those of a third party provider and were not hosted on DOST’s secure servers,” he said.
The ICTO, however, said defacements are nothing new to government websites as these happen around the globe.
For his part, DOST secretary Mario Montejo commented: “As potential high-profile targets for hackers both local and foreign, government system administrators must take the extra effort to ensure that our servers are safe from cyber vandalism. The DOST-ICTO has been tasked to oversee DOST’s internal efforts.”