Wednesday, August 24, 2011

Wednesday, August 24, 2011


Jika sebelum ini url KenaHack.com ditulis pada akhbar The Star , kini KH ditulis pada akhbar The Straits Times pula. Namun berita ini menjadi topik perbualan di negara jiran iaitu Singapura.Disebabkan itu KH terlambat untuk menulis artikel ini. :(

Artikel yang ditulis The Straits Times ialah berkenaan satu laman singapura yang digodam oleh kumpulan h3x4 crew . Artikel daripada KH yang bertajuk " Laman milik kerajaan singapore KENAHACK " yang bertarikh  11 Jun 2011  kemudiannya diolah pada 28 Jun 2011 oleh Straits Times.




Kemudiannya mendapat liputan meluas media daripada Singapura. Antara petikan mereka :

According to a report Tuesday by local daily The Straits Times, Malaysian employees from business consultancy firm, The Black Wilder Group (TBWG), stumbled on what H3x4 Crew had done while monitoring the group for an "unrelated case". They saw screenshots of the hacked NParks sited posted on a temporary Web site, which was subsequently removed and uploaded again on kenahack.com, a site that reveals hacking exploits, the article stated.

TBWG said it contacted Singapore's Ministry of Home Affairs after its discovery as it believed confidential data had been leaked.

When contacted, NParks confirmed the intrusion happened on Jun. 12, affecting information linked to the photo gallery under the "Visitors' Guide" section of the Web site.

"Only those who registered online to use this photo gallery were affected," said NParks CIO Yong Fook Chyi. "Their user IDs, e-mail addresses, names and encrypted passwords access to the photo gallery were affected. There was no further damage to the Web site."

It is understood that while the photo gallery was already "obsolete" when the intrusion happened, NParks advised those who registered for access to change their login usernames and passwords.

The government agency lodged a police report on Jun. 13 and investigations are ongoing. NParks revealed that when notified of the hack, it shut the site on Jun. 12 and 13 to "remove the affected information from the Web site".

While two scans the agency conducted in January and April this year did not detect any vulnerability, Yong admitted that the incident has shown there are gaps in the system. "[The agency is] working to address them by patching up the security gaps and undertaking further penetration tests," he added.

So far, there have been no reports of the compromised data being released to the public.

Besides NParks, TBWG said H3x4 Crew is believed to have also attacked more than 140 sites, including Nepalese bank, the Agricultural Development Bank, and Malaysia's Universiti Technologi Mara.

Responding to the incident, security vendor Symantec urged government agencies to adopt proactive measures to secure all levels of their information infrastructure--whether on personal computers, mobile devices, or the networks.

Ronnie Ng, senior manager of systems engineering at Symantec Singapore, told ZDNet Asia in an e-mail: "Government environments online should be subject to regulations, guidelines and monitoring through means like scorecards, and continually enhance their threat intelligence and security response capabilities."




Antara laman yang menulis kembali artikel ini ialah :

0 comments :

Post a Comment

Terima Kasih atas komem anda (^_~)