Science and Technology News


A team of hackers from Brazil admitted to hacking a website of the National Cyber and Password Agency (BSSN).

The hijacking is said to be in retaliation for cyberattacks on Brazilian government websites.

The government website hack targeted Until now, the site cannot be accessed, although the main site can still be opened.

The team that hacked the BSSN website claimed to be named theMx0nday. They shared screenshots of the site they had defaced. "This deface is a recompense for bad people from Indonesia who hacked Brazilian sites. Look how easy it is to destroy your country," wrote the hijacker.

What is Deface?

Cyber security expert Pratama Persadha explained that a deface is the hijacking of a website and changing its appearance.

These changes can cover the entire page or only certain sections. For example, the website font is changed, annoying ads appear, or the page content changes as a whole.

He warned that this hack is not necessarily a light attack. Even so, he said it was necessary to carry out digital forensics and a thorough information security audit.

"Don't assume that all defacement attacks are light attacks; it could be that the hackers have gone inside," said Pratama, who had been an official of the National Crypto Agency (Lemsaneg) before it became BSSN.

Pratama regrets that BSSN, as an institution that should be the safest from cyberattacks, is actually easy to hack.

"Currently, the most important thing is that the data in it is stored in encrypted form. Thus, even if it is stolen, hackers will not be able to read the contents," said Pratama, quoted from Antara.

3 Brazilian Sites Hacked

Meanwhile, it is known that hackers from Indonesia retaliated by hacking at least 3 Brazilian government sites.

The hacker who claimed to be named /Rayzky_ shared the results of hacking three Brazilian sites on the Zone-H website. "I don't want to do this. To be honest, I'm not very good at hacking. But with God's permission, I can hack this site," wrote the hacker from Indonesia.

Urge Government to Strengthen Website Security

Meanwhile, the Chairman of the Indonesian Cyber Research Institute CISSReC, Pratama Persadha, asked the government to strengthen security by conducting inspections on government websites.

"One solution, for security audits or pentest, can be done regularly, either with a black box or white box approach. The method used can be passive penetration or active penetration," said Pratama.

For pentests aimed at web defacement in particular, he continued, the tests that need to be done are configuration management testing, authentication testing, session management testing, authorization testing, data validation testing, and web service testing.

In addition, Pratama suggested a state-level solution: finalizing the Personal Data Protection Bill (RUU PDP) as soon as possible.

Thus, there is a mandate from the PDP Law to force all state institutions to improve IT infrastructure, human resources, and even adopt pro-cyber security regulations.

"Without the PDP Law, hacking incidents such as government websites will repeat themselves," said this graduate lecturer at the State Intelligence College (STIN).

The weak cybersecurity of government-owned online sites is now an opportunity for cybercriminals.

A number of official government websites were reportedly hacked and used as online gambling sites.

Some of the perpetrators have been arrested, but this practice is likely to become a trend, given the weakness of cybersecurity on websites owned by the government and state institutions.

Cybersecurity expert Pratama Persadha explains that hacking is easy to do because weak security has become an entrenched culture. He said that so far government sites have been victims of web defacement.

These perpetrators hacked the sites and then created a URL on the hacked domain, so that it was difficult to track and not easily noticed by the owner of the system.

"There are hundreds of government sites that have been infiltrated by online gambling due to weaknesses in the web system so that it is easy for perpetrators to enter and embed these advertisements," said Pratama in a written statement, Monday (10/18/2021). "It is often opened by the general public because it can increase the rating of online gambling advertisements," continued the Chairman of the Communication & Information System Security Research Center (CISSReC) cyber security research institute.

According to Pratama, it is necessary to actively look for threats in the system, commonly known as threat hunting. If there are sufficient resources, an organization can even carry out cyber threat intelligence, for example through a unit that actively seeks outside information on threats related to the organization. "For example, by joining underground forums, or participating in security forums," he explained.

Pratama added that at this time the cyber attack could no longer be seen just from
