Information acquired using Netcraft
Bedfordshire police’s website was hacked into last week (10 June), allegedly by a 17-year-old computer programmer.
Whilst the pages of the original website remained unaffected, visitors to the site were directed to a page created by the hacker. It depicted a small, animated boy carrying a Tunisian flag, followed by a line claiming ‘hacked by xtobi’.
The page also showed a green symbol and a Muslim prayer in Arabic and a link which took users to a website containing games and software. A similar page appears on other websites allegedly hacked by possible culprit Arfaoui Firas.
A spokeswoman for Bedfordshire police said that “the website is hosted externally away from all other police systems, so no personal or confidential data could have been obtained”.
The site was still not up and running early this week after being taken offline when the problem was discovered.
Users simply came upon a maintenance message. A spokeswoman for Bedfordshire police said, “Bedfordshire Police take security extremely seriously, which is why the website is hosted independently and outside all other IT systems.”
Internet Security company, MelBek, told Police Professional; “Defacing websites generally falls into two categories, serious/professional and amateur hackers, or as we call them script kiddies... if a live sciences company’s website was defaced and the message said ‘Animal testing is flawed science’, then this is more likely to be a targeted attack.
"If, on the other hand, it said ‘hacked by the angry gorilla group’, then this is most likely a script kiddie that got lucky.” The Bedfordshire website appears to be a result of only amateur hacking – for disruptive, rather than malicious, reasons. A full investigation has been launched into how the hacking of the Bedfordshire website took place.
An expert eye
While the incident with Bedfordshire police was a relatively minor breach, the fact that a stranger can remotely tamper with the workings of a website is a growing concern, particularly because of the amount of private information that could be misused.
Darren Ilston of MelBek Technology was able to shed some light on the Bedfordshire police case and general website security measures.
Using a website called ‘Netcraft’, Mr Ilston revealed some information on the Bedfordshire Police website as shown at the top of the page.
Mr Ilston highlights the sudden change from Windows Servers to Linux on June 10: “You will notice that the operating system [OS] changed on the 10 June 2008 from Windows Server 2003 to Debian Linux. This makes me think that the Windows server was compromised and they changed quickly to Linux server to stop any further damage and to secure the server and take digital forensic evidence in order to track down the perpetrators.”
Mr Ilston’s explanations are purely speculative, as an ethical hacker he can give an informed guess at the root of the problem.
“In my opinion the web server was not patched (like running Windows update) or the configuration was done incorrectly, either of these things is like leaving your front door on the latch, most passers-by don’t push the door as it is not their house, others see that the door is closed. The hackers, however, push the door and get in, and once you are in you can do what you want. In this case they used digital graffiti.”
More expert advice on computer forensics can be found at: http://www.melbek.co.uk/
And on other sites...
Devon and Cornwall police: June 2006
The site was simply replaced with the word ‘Hacked’.
Home Office website: January 2008
The ‘Crime Reduction’ page was replaced with a fraudulent page. A number of people were sent phishing emails allegedly from an Italian bank, asking the person to go to the false webpage that had been set up and confirm their bank details. In doing so users would put their accounts at risk of being misused.
The Home Office confirmed that: “At no point was there a risk to any personal or security information held on Home Office IT systems.”
Metropolitan police recruitment webpage: February 2008
Embedded with an image of children’s TV character ‘Yo’ Gabba Gabba’ along with the caption: "OH HAI GUYS do joo wanna bes a policeman lulz?