[ISN] RP only ASEAN nation with hacked military Web domain

InfoSec News isn at c4i.org
Fri Sep 23 01:41:35 EDT 2005


By melvin G. calimag
Sept 23, 2005

To illustrate how hacking and cracking have become widespread in the
Internet, a security firm said the Philippines is the only country in
the Southeast Asian (SEA) region, and possibly in the whole world,
whose military domain address (mil.ph) has been hacked several times
in the last six years.

A study conducted by Tipping Point, a new division of Internet
equipment maker 3Com that focuses on intrusion prevention, revealed
the website of the Philippine Navy hosted under the mil.ph domain has
been defaced several times.

 From 1999 to 2005, a total of nine attacks were recorded under the
country's military domain name, said 3Com senior manager for security
Ken Low in a recent press briefing.

As expected, commercial websites belonging to the com.ph domain name
topped the list with 204 intrusions.

Next came government websites connected to the gov.ph domain name with
146 attacks, followed by school websites in edu.ph with 75, then
websites belonging to .ph with 71, succeeded by .org.ph with 20, and
finally net.ph with 9 attacks - the same as the military.

All in all, a total of 550 hacking activities were instigated against
the Philippines during the period.

The top hackers who launched defacement activities against Philippine
websites were Darkhunter (24), Dcoder (20), Filipino Hacker (18),
Hateful Soulz (16), Red Eye (14), Cyber Attack (12), Ir2dex (11),
F4kelive (11), and M at trix (10).

"These attacks would also show that there would always be hackers out
there waiting to pounce on vulnerabilities. They don't stop," Low
said, stressing that hackers are growing in numbers and apprehending
one of them would not necessarily solve the problem.

He said instead of engaging in the useless exercise of going after the
hackers, the public should be educated on the importance of protecting
their websites against possible intrusion.

This was essentially the same message imparted by Commission on
Information and Communications Technology (CICT) chair Virgilio Peña
during his opening talk at the ManilaCon security confab last
September 14.

"Laws will never catch up with technology. So what we need is a
campaign to increase the awareness level of the people on security,"  
Peña said.

For Tipping Point's Low, he said companies must also realize that
traditional defenses like firewalls and detection systems are simply
not enough to ward off vicious attacks.

"Instead of intrusion detection, the way to go is intrusion
prevention. This way, intrusions can be stopped even before they are
launched," he said.

Tipping Point also announced it has appointed TouchMedia Inc. as the
local distributor for its security solutions.

More information about the ISN mailing list