Government website login details are sold online

News by Dan Raywood

Major European and US government websites revealed to have been hacked, with access to the sites put on public sale.

Research by Imperva's Hacker Intelligence Initiative (HII) found dozens of .mil, .gov and .edu websites that had been compromised through SQL injection vulnerabilities, with access to them offered for sale. The list includes government, defence and state sites in the USA and Europe, with access to each site being sold for between $55 and $499.

Noa Bar-Yosef, senior security strategist at Imperva, said that the hacker is also selling personally identifiable information (PII) from the hacked sites at $20 per 1,000 records; one example offered for sale was a list of University of Connecticut staff.

He said: “The victims' vulnerabilities were probably obtained by an SQL injection vulnerability automatic scanner and exploited in an automatic manner, as the hacker published his methods in a post in some hacker forum.”

Paul Vlissidis, director of NGS Secure, part of NCC Group, said: “This is certainly not a dramatic new departure and something we have seen many times before. Many government sites are simply a shop window and these particular ones in question may well be brochure ware sites with nothing more sensitive than a bit of marketing information on them.

“Generally it is the transactional websites that offer a more direct route to valuable data. If this is the case here, it may not mean immediately penetrating a deep government website but instead just having the access to the brochureware site. Of course this could still allow defacement and if the miscreants have accessed the content management systems that may be exposed on these websites, then it could allow the purchasers of the credentials to modify the content to include links to malware. Sometimes CMS logins can be found through methods as simple as searching on Google.

“I don't think this case is as serious as we are being led to believe but without seeing the actual website details, it is difficult to say. I would say, however, that if the activity is the real deal, the prices are extremely low.”
