The website of the Royal Navy was broken into by a Romanian hacker at the weekend, leaving it offline for several hours.
The hacker, known as 'TinKode', claimed to have broken into the main British Royal Navy website - www.royalnavy.mod.uk - and intercepted sensitive information such as usernames and administrator passwords. Talking to SC Magazine, senior technology consultant at Sophos Graham Cluley said that the front page of the site had been replaced with an image saying it was down for maintenance.
He said: “Considering last month, the defence review said that cyber security was a top tier threat and now a hacker has gone in with an SQL and left them hit, people will be concerned about what has been stolen.
“The Ministry of Defence is lucky that on this occasion, those behind the hack have been motivated more by mischief than malice. With luck this security breach is more of an embarrassment to the Ministry of Defence than a more significant assault on a website presenting the public face of an important part of the armed forces.
“All website owners should take note of this attack and the need to build secure websites that cannot be breached easily by hackers. The Royal Navy could have found itself in a far more sinister situation if hackers had chosen to embed spyware onto the website and infected visitors' computers to steal classified information.”
TinKode describes himself on Twitter as a grey hat and among those 'congratulating' him on his efforts, was one who said: "It shows the level of our goverment's commitment, cannon fodder, always is, always will be. Monkey sees monkey doe's [sic]. Thanks for displaying their ineptitude, piss up in a brewery springs to mind."