Parliament webmaster alerted days before hacking report, says MyCERT

[InfoSec News <isn () C4I ORG>]

http://thestar.com.my/tech/story.asp?file=/2001/1/3/technology/03hack&sec=technology

By M. MADHAVAN
Wednesday, January 3, 2001

PETALING JAYA: The Malaysian Computer Emergency Response Team (MyCERT)
said it knew that the Parliament website had been hacked on Dec 27,
but had been unable to get in touch with the people managing the
website.

The hacking, which wiped out all information on the Parliament website
and replaced the homepage with words in a foreign language, was first
made public by DAP chairman Lim Kit Siang on Dec 30.

"We were informed about the hacking at 10pm on Dec 27 from a trusted
foreign source, but we could not contact the people involved,'' MyCERT
project head Raja Azrina Raja Othman said in a statement today.

She said according to MyCERT's sources, this was not the first time
the Parliament website had been hacked, but did not provide further
details.

MyCERT (http://www.mycert.mimos.my) had been expecting an increase in
hacking and computer virus attacks during the festive season, and said
it had reminded all government agencies in its subscription list to be
prepared.

"We had also advised these organisations to update their contact
information, especially with handphone numbers that could be reached
during the holidays,'' Raja Azrina said.

The Parliament website (http://www.parlimen.gov.my), which was down at
press time, is registered under the Palm Oil Research Institute of
Malaysia (Porim), but the listed webmasters did not respond to
MyCERT's alert, she said.

Under the Computer Crimes Bill 1997, hacking is a criminal act. As
yet, no police report has been filed.

"We have not been assigned to track down the hacker, but I believe
this can be done through an in-depth analysis of the website's
servers,'' Raja Azrina said.

She said the level of security awareness among Malaysian website
operators was still low.

"Internet security is very much the responsibility of all levels in an
organisation, and people need to be trained,'' she said.

"We would also like to correct the misconception among technical
personnel that servers that do not show signs of malfunction are clear
of intruders.

"Some of these servers could be running unauthorised software agents
or backdoors that would allow hackers easy entry in the future,'' she
added.

ISN is hosted by SecurityFocus.com
---
To unsubscribe email LISTSERV () SecurityFocus com with a message body of
"SIGNOFF ISN".