Geek war: RP to pursue hackers of govt web sites

(Update 9:30 PM) The Philippines will investigate a spate of incidents involving defaced government websites, a day after the fifth government website was hacked in less than a month. President Gloria Macapagal Arroyo has tasked the Commission on Information and Communications Technology (CICT) to submit its report and recommendations regarding the incidents as soon as possible, Press Secretary Cerge Remonde said. This was announced a day after the website of the Technical Education and Skills Development Authority was defaced at least twice in a single day. The CICT report should identify those responsible for hacking government websites, their motives, and recommendations to prevent such incidents, Remonde said. In a separate announcement made on Monday, the National Bureau of Investigation (NBI) said it will also undertake a similar investigation and coordinate with other agencies regarding the matter. The NBI’s Anti-Computer Crimes Division (ACCD) is currently verifying information that one of the source countries of the hackers is Indonesia. Besides trying to identify companies that hosted defaced websites, the NBI-ACCD will also determine the IP [internet protocol] address used by the hackers, said Palmer Mallari, head agent of NBI-ACCD. “We are also coordinating with the telecommunication sector," Mallari said. “After gathering the pieces of evidence, we will apply for search warrant." The agency will use legal means provided under the E-Commerce Law and Republic Act No. 8792 to go after the hackers. RA 9782 is also known as “An Act Providing and Use of Electronic Commercial and Non-Commercial Transactions, Penalties for Unlawful Use Thereof and other Purposes. Mallari refused to rule out the possibility that those responsible for defacing government Web sites “are the same individual or the same group." He added that white hat hackers may have attempted to deface government websites to challenge the capabilities of government and law enforcement agencies. “We will be holding an automation election this May. So, maybe these hackers want to prove something. But I am not saying that this is political," he said. “All angles will be looked into like the commercial, economic and even political aspects. There are many possibilities in this kind of hacking." In the latest attack, Tesda’s website visitors were redirected to the corporate website of Smartmatic Inc., the company that secured a contract to build and supply poll machines for the country's first automated elections. [See: Tesda Website hacked again; users directed to Smartmatic] Earlier, the hacked Tesda website showed clip art of a man with a rude hand gesture and a message in memory of Kemberly Jul Luna, who was killed in an encounter with government troops in Mindanao last December. The press secretary said that the government has received reports indicating that those involved in hacking government websites are out to discredit the country’s first national automated elections, the Commission on Elections (Comelec), and Smartmatic Inc., the company that is supplying the machines to be used in the said polls. Last week, the online site of the Department of Labor and Employment was also vandalized, greeting visitors with Arabic messages. Foul remarks were also found in the website’s “Secretary’s Corner," a section that featured messages of Labor chief Marianito Roque. On December 30 and January 4, the websites of the National Disaster Coordinating Council and of the Department of Social Welfare and Development were also hacked. The latest series of hacking incidents began in December after the Department of Health website was defaced. Gov't servers 'easy to hack' A person who described himself as "a reformed hacker," and who wishes to remain anonymous, said that hacking government websites is easy. “Madali lang, bulok ang mga server ng gobyerno [It’s easy because government servers are decrepit]," the hacker said. However, the elections would be a different story, since multiple servers make the system more secure, the hacker said. He also cited reports that the servers to be used for the elections would be placed in a remote location, possibly outside the Philippines. Next hack attack on January 13? In the meantime, an unidentified blogger raised the possibility that the next hack attack may take place on January 13. The same blogger observed that the series of hacks done this year occur every three days since January 4, the most recent being early Monday, a second hit on the Tesda website. An attempt to hack the Comelec’s official blog was made in September last year. Comelec law department director Ferdinand Rafanan said in an earlier report that though he was not aware of the hack attempt, the actual equipment for the polls is “guarded" and designed to thwart hackers. "I am not saying that the system cannot be hacked. No system is 100-percent hack-proof. I am just saying that we have made sure that the system will not be hacked," Comelec spokesperson James Jimenez said of the automated election system in a separate earlier report. - with Carmela Lapeña, RJAB Jr./HGS, GMANews.TV