[ISN] Brunei News Website Hacked

From: InfoSec News (isn@private)
Date: Tue Nov 15 2005 - 23:17:30 PST


http://www.brudirect.com/DailyInfo/News/Archive/Nov05/161105/nite02.htm

By M K Anwar 
November 16, 2005

Bandar Seri Begawan - One of Brunei Darussalam's private and popular
news web sites, brudirect.com, went off the Internet for a few hours
yesterday as some cyber crooks hacked into the portal and posted an
obscene message.

People who tried to access the web site were directed to a web page
with messages carrying profanity the hackers had set up.

Calling themselves "Noizebox" and a crew of four naming themselves
"fishstiqz", "bytemonk", "d10r" and "n00v", these hackers claimed that
they could `juggle assembly of different architecture" (security
programs).

The site set up by the hackers also contained an encrypted message.

A simple program easily decrypted what was a threatening message,
which said that an IT company and BruNet were next.

The hackers have certainly sent alarms bells ringing especially for
companies who have their own web sites.

According to sources, IT experts at government ministries said they
are monitoring their web sites or networks closely should these
hackers try to interfere with any of the portals.

The way the message was presented also showed that the hackers had a
grudge against another group of hackers that won a hacking competition
recently in Singapore.

The hackers bragged about their hacking abilities and said they are
truly the elite in this field.

Mr Ignatius Stephen, Director of Brudirect, said he lodged a police
report on the hacking of the web site. In the report, Mr Ignatius said
that he believed the hackers disabled BruNet at about 9 Monday night
and hijacked the domain name (brudirect.com) and replaced it with
their content.

The brudirect web site was down for around five hours and it took them
all morning to track the site and redirect it to their own server.

The web site was up and running by 2pm. Under the Computer Misuse Act
2000, anyone found guilty of unauthorised interception or obstruction
of computer services can be fined not more than $10,000 or jailed not
more than three years or even both for the first offence.

A second or subsequent offence carries a fine of not more than $20,000
or not more than five years in jail or even both.

If any damage is done, the guilty party is liable to a fine of not
more than $50,000 and a jail term not exceeding seven years or both.

"We hope that the culprits will be caught and punished because BruNet
is a government property which has been violated," said Mr Ignatius.

He also said that hacking is a serious cyber crime in view of the
security aspect involved in protecting the banks or financial
institutions, e-government projects and the security forces sites.
 
Courtesy of Borneo Bulletin



_________________________________________
Earn your Master's degree in Information Security ONLINE
www.msia.norwich.edu/csi
Study IA management practices and the latest infosec issues.
Norwich University is an NSA Center of Excellence.



This archive was generated by hypermail 2.1.3 : Tue Nov 15 2005 - 23:39:04 PST