Yesterday about 10:00 pm, the website of Professional Regulation Commission (PRC) was defaced showing a message from the hackers: "Hacked by linuXploit_crew =) by DeRf-, Hualdo and _serial_killer_," As of this time the PRC's website is still inaccessible.
A website defacement is an attack on a website that changes the visual appearance of the site. These are typically the work of system crackers, who break into a web server and replace the hosted website with one of their own.
A message is often left on the webpage stating his or her pseudonym and the output from "uname -a" and the "id" command along with "shout outs" to his or her friends. Sometimes the Defacer makes fun of the system administrator for failing to maintain server security. Most times the defacement is harmless, however, it can sometimes be used as a distraction to cover up more sinister actions such as uploading malware.
A high-profile website defacement was carried out on the website of the company SCO Group following its assertion that Linux contained stolen code. The title of the page was changed from "Red Hat vs SCO" to "SCO vs World," with various satirical content following.
Maybe this is in response by the hackers to the government's statement that they are tightening the IT security among its servers. Following the report that hackers from ghost network where able to breach into some of the computers of Department of Foreign Affairs (DFA).
What is this incident telling us? We need to tightened our IT vulnerabilities and the government needs to be serious about this. To my knowledge this is the third site of the Philippine government that was defaced and "security holes" may still be left opened in other web sites.
Moreover, this incident makes me ask: how secure is the COMELEC's computers to be used in automating the polls? If hackers where able to breach into the gov system, we just hope that the COMELEC's computers is secure enough to for us to have clean 2010 election.
