Support us by visiting our sponsors and win a €20 Amazon Voucher every month
Computime

Follow maltainfosec on TwitterTwitter or RSS 2.0 feed

Mar 5

Embassies' server suffers cyber attack

3 Comments »

Unauthorised software was yesterday identified by the Information Security and Risk Management Department of the Malta IT Agency (Mita) on a server used for the storage of user credentials of personnel in Maltese embassies abroad.

This unauthorised software was identified by security monitoring and alerting tools which have been recently implemented by the agency within an overall framework of security tightening.

Immediately upon detection Mita requested its US-based IT security advisory firm to provide it with an assessment of the potential breach based on the evidence collected by Mita.

The preliminary analysis indicated that the said software had the potential to extract user names and passwords on the embassies server only.

Analysis and assessments of any evidence of similar attacks on other servers was carried out with no such evidence resulting. In the meantime, more assessments were being carried out, Mita said

It said that although it had no evidence that any breach had occurred, to ensure absolute safety of the integrity of data in its responsibility, Mita throughout last night carried out an operation which entailed the disabling of all accounts of users on the said servers and users occupying sensitive positions.

Although currently there was no indication whatsoever of a breach on the servers hosting the user credentials of people in sensitive positions, this preventive measure ensured that these users were not exposed to unnecessary risks.

The rest of the users would be requested to change their password credentials to close out even the most remote risk.

The detection of this attempted breach and the neutralisation of its potential impact was possible following a series of investments made in the recent months by Mita, including the deployment of intrusion prevention systems, tighter policies and stronger password storage technology.

As a direct result of these measures, the length of time required for a perpetrator to decrypt a password is significant and well beyond the short period of time within which the said accounts may have been possibly exposed.

In the meantime, Mita was currently communicating the state of play to all the IT services users in the government and was working through chief information officers in ministries and public sector entities to ensure that users were made aware both of the incident and also of the preventive action taken by Mita to safeguard their information security.

In the meantime the concerned server has been isolated and the police have been informed. Source


Posted by Donald Tabone

3054 hits

0 Trackbacks

Trackback specific URI for this entry
  1. No Trackbacks

3 Comments

Display comments as(Linear | Threaded)
  1. Roman says:
    03/05/2009 11:38:00 PM

    As far as i know all government network (schools,embassy etc. )in Malta are connected via VPN and controlled by MITS (or may be MITa) . so how does this software got there ? and how long was it there ? may it come from inside ?

  2. Stiennon says:
    03/06/2009 01:53:18 AM

    Just as easy to download a Trojan such as the one Mita found on the server through a VPN as in the clear.

    -Stiennon

  3. maltainfosec says:
    03/07/2009 06:07:09 PM

    Followup to the article - No user names and passwords of embassy personnel were lost in an attempt to hack a government server on Wednesday, a US security firm confirmed. No public systems, such as e-government services, were affected and all its systems were back to normal.

    http://tr.im/h7hG

Your comment was successfully added.
Please consider sending us a small donation to keep this site going. Click the PayPal logo below. Thank you!