Thursday, May 14, 2015
By RASHAD ROLLE
Tribune Staff Reporter
rrolle@tribunemedia.net
PRIME Minister Perry Christie yesterday revealed that someone hacked the Ministry of Tourism’s website, which he said created “enormous national security implications” for the country.
Members of the House of Assembly were expected to debate the Sovereign Wealth Fund Bill and the Petroleum Bill to allow for oil exploration and drilling in the country.
However, following communications from government ministers on a range of issues, Mr Christie stood and said Cabinet ministers would retire for the duration of the session to discuss the implications of the hacking.
Subsequently the House of Assembly did not have an afternoon session and was suspended until May 20.
Mr Christie gave no details on the nature of the supposed national security threat, but suggested it had implications for the country’s reputation.
Attempts to get details from government and police officials yesterday on the hack were unsuccessful. When The Tribune visited the Ministry of Tourism’s website it appeared normal.
Mr Christie noted that a similar incident had happened in a Caribbean country, but did not name the nation.
According to international reports, the government website of St Vincent and the Grenadines was hacked earlier this month by a purported “Islamic State”.
According to I-Witness News (IWN), a message was posted on the St Vincent government’s website claiming that an “Islamist rebel group” had hacked the site.
“Visitors to the website were greeted by a message saying ‘Hacked by Moroccanwolf – Islamic State’ and a photo of a man firing a machine gun from the back of a pick up truck,” IWN reported.
Comments
ThisIsOurs says...
Here we go again the. "National security" smokescreen. I would bet they got nothing done. Not one thing. Tired old men who don't even know what a bit is, who have no time and couldnt scrape up 1/16 oz of humility to save their lives to listen and take advice from the experts. Some weeks ago a technical consultant said he notified the government YEARS ago about the weakness in government networks, no one listened. I've heard that BOB was hacked as well
The **REAL** national security threat is clueless, visionless, arrogant, lecherous, all for me cabinet ministers and cronies. Investigate that.
Posted 14 May 2015, 6:39 a.m. Suggest removal
B_I_D___ says...
Guess you better create a select committee to investigate the matter!!
Posted 14 May 2015, 7:29 a.m. Suggest removal
Tarzan says...
By all means table a report, or in the alternative report a table.
Posted 14 May 2015, 8:39 a.m. Suggest removal
Well_mudda_take_sic says...
Hopefully we see published on the internet some of the more interesting tidbits the hackers may have managed to get their hands on. Obviously anything that puts sunshine on instances of misconduct and/or corruption by senior officials in our government would be welcomed by the Bahamian people. Amazing that Christie is only too quick to label this hacking incident a threat to our national security, but he has never considered his government's failure to provide our country with a sufficient reliable supply of electricity at reasonable cost to be a much greater threat to our national security interests, or, for that matter, his government's insatiable borrowing appetite that has taken our national debt to unsustainable heights. Christie will no doubt misuse this hacking incident to justify the need for new legislation to legitimize and fund the national security/intelligence agency that his government has been illegally operating for quite sometime now with B. J. Nottage as the Cabinet Minister responsible for its illicit activities to date. Yes, this will mean more VAT revenues redirected by Christie to the growing of his government. And of course such an intelligence gathering agency will be used by Christie to spy on those who oppose him and the interests of the PLP elite. Many Bahamians who have studied abroad computer engineering, computer programming, cyber security and other computer sciences have opted to stay abroad because of the failed social and economic policies of the Christie administration so Christie himself bears great responsibility for our country's lack of preparedness to hacking incidents and other cyber attacks. The lack of talented Bahamians means foreigners will have to be hired to manage and protect our more critical computer systems.......pretty much like we now have to hire foreigners to manage the affairs of BEC because the young Bahamian electrical engineers educated abroad have no desire to subject themselves to the political mess our country finds itself mired in today! And to think BEC once had quite an impressive cadre of young talented Bahamian electrical engineers who have since left or retired from BEC without the ability for them to be replaced.
Posted 14 May 2015, 8:59 a.m. Suggest removal
Reality_Check says...
And let's not forget about the foreigners who have been hired by our government to manage Nassau International Airport. Seems our government loves giving Bahamians a D- education while the political elite and their business cronies make many lucrative side deals with the foreigners they prefer to hire to manage and/or own just about everything in the public sector of our economy today. Our main airport, BTC and BEC are public sector monopolies that should have been pumping great profits into our Public Treasury had they been properly managed and maintained over the years. If successive Ingraham and Christie led administrations could run these public sector monopolies into the ground through unseemly political interference, one can only imagine what lies ahead for our entire country. Simply frightening!
Posted 14 May 2015, 11:05 a.m. Suggest removal
licks2 says...
FOIA BY OTHER MEANS HAHAHAHAHAHAHAHAHAHAHAHAHAHAHA! Yall think that this will become common place so that we can see under that bid damn "RUG" they sweeping everything under??
Posted 14 May 2015, 12:28 p.m. Suggest removal
duppyVAT says...
Where is BJs CIA when you need it???????????????????
Posted 14 May 2015, 1:43 p.m. Suggest removal
EasternGate says...
Well said well-mudda-take-sic. I would be curious to know just who the PLP has hired at Tourism IT Department. More than likely, some half-ass incompetent supporters unable to protect the system
Posted 14 May 2015, 8:59 p.m. Suggest removal
Major_Pain says...
See below. Also it's important to note that even the US Government servers have been hacked in the past, for example the Chinese are continuously attacking them looking for vulnerabilities.
Posted 14 May 2015, 9:43 p.m. Suggest removal
Major_Pain says...
1) The Bahamas Ministry of Tourism Website is created and maintained by a foreign company and has been for years.
------------------ domain whois ----------------------
Domain Name: BAHAMAS.COM
Registry Domain ID: 4289494_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.networksolutions.com
Registrar URL: http://networksolutions.com
Updated Date: 2015-01-28T23:38:35Z
Creation Date: 1998-06-30T04:00:00Z
Registrar Registration Expiration Date: 2024-12-21T05:00:00Z
Registrar: NETWORK SOLUTIONS, LLC.
Registrar IANA ID: 2
Registrar Abuse Contact Email:
Registrar Abuse Contact Phone: +1.8003337680
Reseller:
Domain Status: clientTransferProhibited http://www.icann.org/epp#clientTransfer…
Registry Registrant ID:
Registrant Name: Ministry of Tourism
Registrant Organization: Ministry of Tourism
Registrant Street: 1200 South Pine Island Road
Registrant City: Plantation
Registrant State/Province: FL
Registrant Postal Code: 33324
Registrant Country: US
Registrant Phone: +1.9542369292
Registrant Phone Ext:
Registrant Fax:
Registrant Fax Ext:
Registrant Email:
Registry Admin ID:
Admin Name: Adderley, Andrew
Admin Organization: Ministry of Tourism and Aviation
Admin Street: 1200 South Pine Island Road
Admin City: Plantation
Admin State/Province: FL
Admin Postal Code: 33324
Admin Country: US
Admin Phone: +1.9548881087
Admin Phone Ext:
Admin Fax: +1.9542369282
Admin Fax Ext:
Admin Email:
Registry Tech ID:
Tech Name: **Cyberitas Enterprises LLC**
Tech Organization: Cyberitas Enterprises LLC
Tech Street: 4736 N. 12th St.
Tech City: Phoenix
Tech State/Province: AZ
Tech Postal Code: 85014
Tech Country: US
Tech Phone: +1.6023810123
Tech Phone Ext:
Tech Fax: +1.6023810160
Tech Fax Ext:
Tech Email:
Name Server: DNS1.CYBERPUB.COM
Name Server: DNS2.CYBERPUB.COM
DNSSEC: Unsigned
URL of the ICANN WHOIS Data Problem Reporting System: http://wdprs.internic.net/
Posted 14 May 2015, 9:33 p.m. Suggest removal
Major_Pain says...
Here is more info on the Bahamas.com server.
http://toolbar.netcraft.com/site_report…
Notice it uses Drupal, which is OPEN SOURCE content management system.
https://www.google.com/search?q=Drupal+…
Eg. "Up to 12 million websites may have been compromised by attackers who took advantage of a bug in the widely used Drupal software."
https://ma.ttias.be/drupal-enginehack-d…
Posted 14 May 2015, 11:07 p.m. Suggest removal
Major_Pain says...
2) Although we are not given any info about this "hacking", they mention the Moroccan "hackers" from the other website. Therefore it is likely some "script kiddie" attacking an unknown (to them) website based on the type of server that website is using. Thousands of websites are "hacked" daily, and many of them are by groups in Turkey, Morroco, and other countries - generally they come from Fundamentalist Islamic Discussion Forums (websites). The Syrian Electronic Army is another well known group, not necessarily considered a terrorist group like ISIS (depends who you speak to).
Most of these so called "hacks" are simply to deface the website temporarily, if by some luck they are able to make some more advanced changes, they may add a trojan to the server so they can run attacks on other websites/servers. In some cases ofcourse they may be after data but they first have to crack the additional passwords needed to access that data - usually different from the server passwords. And even so, they likely never even got past some basic bug in the server code which allowed them to do some basic "hacking" like defacing the website.
Fortunately for us Islamic Terrorists are not very advanced, they are actually extremely stupid. Ofcourse though it helps if the government provide us with more details.
Posted 14 May 2015, 9:41 p.m. Suggest removal
Major_Pain says...
So the BIS release does name the group that "defaced" the website:
http://www.thebahamasweekly.com/publish…
It's a group from Tunisia called "Fallaga Team". Seems like just a bunch of bored kids, not as "terrorist" as they may like you to think. They use vulnerabilities in existing server code, SQL injections etc. So basic protection should help keep them out - create adaptive code to trap them, use vulnerability testing software to test with, it also acts as a quick way to create blocks for known exploits. PHP are the most common sites attacked. They don't do anything special, they likely learned it from simple google searches, even Youtube videos.
http://cjlab.memri.org/lab-projects/mon…
http://mashable.com/2015/01/13/islamist…
http://www.vice.com/en_se/read/we-skype…
here is the Fallaga Team's twitter - https://twitter.com/fallaga_team
and Facebook; https://www.facebook.com/Elfellaga
Report them, it may help stop them temporarily.
They also have a youtube page.
Posted 14 May 2015, 10:10 p.m. Suggest removal
duppyVAT says...
Please refer this matter to the AG Office and let BJs CIA Department go find those terrorists!!!!!!!!!
Posted 15 May 2015, 11:59 a.m. Suggest removal
Log in to comment