MANILA, Philippines — The government’s Information and Communications Technology Office (ICTO) requested system administrators of public agencies to re-evaluate their websites’ security protocols following another hacking of a government website on Wednesday.
ICTO Executive Director Louis Casambre issued the call following the recent website defacement of the country’s weather bureau, the latest in a spate of hackings leveled against government websites purportedly by Chinese hackers.
The ICTO and the Philippine Atmospheric, Geophysical and Astronomical Services Administration (PAGASA) are both attached agencies of the Department of Science and Technology (DOST). Despite this, Casambre said the PAGASA website is not hosted under DOST’s facilities.
”The PAGASA website is hosted on its own web servers as well as those of a third party provider and were not hosted on DOST’s secure servers,” the ICTO official said.
The ICTO likewise confirmed the defacement on PAGASA’s website at around 2PM of Wednesday, saying the vandalism was carried out by “hackers of still undetermined origin” and that the website has been put back up after three hours.
Casambre said a common vulnerability they found being exploited by hackers were loopholes from third-party plug-ins used in the content management systems (CMS) of government websites.
He added that they have already migrated all of DOST’s websites to a secure server almost three weeks ago. The ICTO Undersecretary, in an earlier report, said the agency is even mulling offering hosting services to other government websites.
“It is unfortunate however that the PAGASA website was hacked so soon. In light of this new development, we are looking at accelerating our on-going efforts,” he stressed.
Pooling all government websites into one data center or server, however, may not be such a good idea, according to IT professional Wilson Chua, President and co-founder of Bitstop Network Services, one of the earliest Web hosting and IT solutions companies in the Philippines. Bitstop owns a data center that hosts websites of some government agencies.
In response to a Facebook post, Chua said there is a need to re-examine ICTO’s assumption that centralizing the hosting of all government websites would ultimately lead to their security and the prevention of further hackings and intrusions.
“Having a centralized web facility may prove to be a more prized target (for hackers),” Chua explained. “If they compromised one website and gain root access to that server, then the rest of (the) websites hosted in the central facility would suffer even more.”
The worst case scenario, he said, is that government officials would wake up one day to find all government websites defaced in one go, and not just in piecemeal defacements such as what happened with the websites of DBM and PAGASA. “[That's] something to really think about,” he added.
On Wednesday, the official website of the state weather bureau was hacked by a group who claims to be members of “Team:X-f*ck.”
This is the latest in a series of hacking incidents on government websites that had been earlier claimed by Chinese groups. Last month, the Department of Budget and Management’s website was defaced.
The homepage of the DBM website prominently displayed the Chinese flag with the words “Don’t trouble the Chinese, Don’t play with Fire” displayed below it.
Malacañang revealed that several government websites had been attacked by hackers whose IP addresses were traced to China. The hacking incidents between the Philippines and China arose from the tensions in the disputed Scarborough shoal, which is claimed by both countries as part of their territory. (with a report from Joseph Holandes Ubalde)