Sometimes, you would wonder how our government act on issues involving cybersecurity. The Department of Education (DepEd) is a top favorite probably because most of their websites have little to zero security. Their assigned IT personnel, if there’s one, does not seem to care about the reputation of the agency nor with the information that their websites store. It may not be their top priority as of the moment since they’re also bombarded with more pressing national issues but shouldn’t DepEd do something about these rampant defacements? Isn’t it alarming?
A recent report sent to us compromises another website of the agency. A hacker nicknamed K1LL3rB4LL defaced the website of DepEd Marinduque. The defacement took place last night and the message that they left to the domain remains up as of this writing.
The message of the hacker is simple – he wanted the system administrator of the site work like a real IT pro. He’s suggesting to apply the necessary patches on the website as soon as possible. It would probably take some time for them to fix this security issue but hopefully, they are already on top of this now. If not, they should be ready for the worse. It’s just a matter of time for other hackers to target their website to do more sophisticated attacks.
Based on the report, the hacker managed to get through the admin panel of the website which led him to view some credentials. Using those pieces of information, he was able to log in to DepEd’s Learning Resource Portal. You could just imagine the extent of this breach with all the possibilities that this hacker could do.
K1LL3rB4LL claimed that he’s from Marinduque and is really concerned about the security of DepEd’s website in their province. He already reached out to them before but was not satisfied as they’re not acting on it appropriately.
In a social media post, Anonymous Quezon City shared the email users that K1LL3rB4LL acquired after compromising DepEd Marinduque. To avoid spreading the confidential information, we purposely removed the associated Pastebin link in the image below (although we know you’re just one click away in getting hold of that information).
We do not condone this and other similar attacks to any websites even if we share the same sentiment that our government should seriously consider investing in cybersecurity.
September 11, 2018 – Reported this security incident to 8888 under Ticket #: G20180911-447-5
September 14, 2018 – DepEd Marinduque sent us an email saying that they have already received the report from 8888 and security measures are now being deployed to the website. As of this writing, the site is currently down and is just being redirected to their web hosting provider.
**End of Update**
We truly appreciate that the agency is really acting on this. Kudos, to DepEd Marinduque! We hope that this would be your last security incident.
- PH releases first Super App ‘eGov PH’ - June 3, 2023
- Finding the Best Place for Repairs After a Car Accident - February 27, 2021
- ABS-CBN YouTube channels hacked by crypto scammers - November 4, 2020