Pinoy Hackers who are closely collaborating with ISAW in informing Philippine sites to secure their systems are concerned with the lack of interest of the administrators in securing their servers.
ISAW received separate emails from these hackers just this week. The emails lament the unconcerned admins who never acknowledge nor secure their servers after they were informed that their systems are vulnerable to hack attacks. "They seem not to take us seriously," said one email "one admin even said OK lang, try nyo i-hack me firewall naman kami" said another.
ISAW believes that these admins have a false sense of security because of the ID systems they have put in place. Private companies who are hoping to get huge contract from the government by selling IDS and IPS systems are the likely source of this arrogance. Nabibilog mga ulo ng government officials natin na 100% secure and system nila once they use this and that IDS and IPS systems.
Some of the agencies that are vulnerable according to the emails sent to ISAW are:
NWPC-DOLE Official Web Site
Ebay Philippines
Agriculture and Fisheries Research and Development Information System
National Water Information Network
Office of the Solicitor General
Sourceport of DOST
... and a lot more .gov.ph sites
ISAW did not inform these agencies as the CIDG said in their posts in the blogsite of ISAW (http://technews-isaw.blogspot.com) that they can do their work without the intervention of anybody.
The independent hackers who informed these agencies mentioned above are not connected with ISAW. And according to these hackers, they did not receive any acknowledgement from these agencies.
-o0o-
Nigerian jailed 4 years in Hong Kong for 419 scam
A Nigerian was sentenced to a jail term for four years in Hong Kong over a global e-mail scam offering a "secret fortune" of $26-million. The email scam also known as the Nigerian 419 scam went around the world offering to deposit the fortune of a dead South African businessman in return for a fee of $24,000.
Ezeh Benson Ezeyim pleaded guilty to attempting to obtain property by deception. He also pleaded guilty to possession of a fake diplomatic passport and was given an 18-month concurrent sentence for the offence.
= = = = = = = = = = = = =
The above article shows that the Hong Kong government is serious in going after internet fraudsters and hackers. To my knowledge, no special agencies were created in Hong Kong against hackers and internet scams.
In the Philippines the government would like the people to believe that it is serious in going after the hackers. Agencies were created whose task is to go after the hackers, but 'till now these agencies have to show their worth.
The same day the G-CSIRT was launched, the Philippine Goverment Portal (www.gov.ph) was defaced by foreign hackers. G-CSIRT is the main agency whose task is to protect the Philippine Information superhighway. Nothing has come out of the investigation about the incident. The government instead is going after a Filipino hacker who was unsuccessful in hacking the portal. Why? Maybe to show us that they mean business :). We can see the concerted efforts of the government agencies in running after Mr. Giner, a Filipino hacker; while foreign hackers are making fun of our government sites.
The government should think again about these special agencies. The NBI and PNP can handle the incidents in a more efficient way without grand standing and "praise" releases so why the need to create non-performing agencies? Just asking.
