Subscribing to the philosophy that no publicity is bad publicity, a Cayman Islands security company said Monday that it was “flattered” that its website was chosen in a computer hacking incident meant as a warning to the business.
On 30 March, a group named ‘MalSec’ claimed responsibility for breaking into the Security Centre Ltd.’s online site and changing its home page.
The MalSec hackers left the website intact, leaving only a replacement homepage up to advise the Security Centre of its vulnerability.
“We urge you to secure your site before claiming to be the ‘best of the best’ in any kind of security,” the hackers wrote. “We were not the first; traces of previous security breaches were found.”
The group gave instructions on how to turn the website to normal and asked the Security Centre to fix the problem before someone else with more “harmful intent” breaks in.
“You can thank us later <3,”: the hackers wrote.
On Monday, the Security Centre sent out a news release acknowledging the breach and assured clients that no personal information or company files were contained on the website.
“This incident was an attack on the homepage of our offshore hosted website and not an attack on the company’s main server,” the security company noted. “No client or employee information is stored on our website and at no time was secure, confidential or personal information obtained.”
The Security Centre Ltd. is not an Internet security company. It provides physical security services, such as security guards for businesses, alarms, locks and CCTV cameras.
The company wondered why someone who took the trouble to hack into its website might not have noticed what kind of services they actually provide.
“We can say that we were flattered to be chosen having now seen some of [MalSec’s] previous successful targets,” the Security Centre noted.
MalSec was recently credited in a wireless ‘break-in’ that occurred in a server belonging to the Nigerian Senate.
The group does not appear to have been affiliated with some of the more serious attempts to take down government websites or servers, including one recent incident that involved two US Federal Trade Commission websites.
The threat of computer hacking has been around for years, but the past 24 months has seen the rise of specific groups that have claimed their organisations were responsible for online break-ins around the world.
In New York last month, US prosecutors brought charges against six men who were accused of membership in a worldwide collective of computer hackers who targeted businesses, governments and individuals.
The hackers’ group is known as Lulz Security, or LulzSec. Members claimed to have hacked into the computers of television network PBS last May in retaliation for a “Frontline” episode about WikiLeaks. The also allegedly hacked Sony Pictures’ computers and stole personal information from some 100,000 of its customers.
The groups largest attack occurred last June with the alleged theft of data of about 200,000 users of a website for the game Brink.
LulzSec is just one of several secretive hacker groups that have gained prominence during the past year. They are loosely organised, authorities have said, often with no central leadership.