Hackers hit Elections Office website

Update, 4:40pm: A release issued late Tuesday by the Elections Office explained the situation. The Elections Office wishes to advise that at 9pm on Monday, 4 March, an individual exploited a flaw in the countdown script that was being used on the website to replace the home page with one of his/her own. No usernames or passwords were hacked or exposed. The data that contains the register of electors is maintained in a location that is not publicly accessible outside of the web interface that is made available for electors to search this information. The countdown counter has been disabled and the 3 files that were uploaded by the hacker have now been deleted. All files were checked to ensure that none were modified in the past 24 hours. As to the Elections Office’s data base, which includes electors personal details, along with other data, this is all maintained on a stand alone platform with no outside link.
 

 

Just a few months away from the general election, the Cayman Islands Elections Office found its public website had been hacked sometime between Monday night and Tuesday morning.

The site www.electionsoffice.ky, did not contain its usual information lists on Tuesday morning, but instead had gone to a blank white screen with the title ‘Hacked By Riad’.

“This WebSite have been hacked by Team MaRoots,” proclaimed the hackers, who then asked anyone visiting the site to contact them at ‘Riad Spamer’.

Orrett Connor with the Elections Office said Tuesday that office Director Kearney Gomez became aware of the breach around 7am Tuesday morning and that computer services were working to get the website back up.

By 9am Tuesday, the Elections Office site had an indexed site map up and had removed the hackers comments.

Mr. Connor said it was possible that hackers struck the site overnight Monday, but that officials were still looking into the breach. He said the breach did not affect any of the Elections Office’s secure data.

“It had nothing to do with our secure database, it was just the public webpage that the public has access to,” Mr. Connor said.

Please check back for more on this story.

hackedbyriad

Screenshot of Cayman Islands Elections website

1 COMMENT

  1. This is not an indication of any breach of secure systems. The vast majority of webpages are hosted by commercial companies based in various parts of the world. The hacking is into their systems and was probably achieved by using technology to predict passwords etc.
    It is the hosting organisation that needs to tighten up their system.

  2. It’s not the fault of a commercial company. It’s also not some mystery as to how they got past secure government tech. It’s the fault of the programmer who built this site, most likely on an unsecured server, using an open-source software platform (outdated by the way by at least 2 versions) with known vulnerabilities. A simple site attack based on the relatively easy exploitation of an unprotected configuration. Oh, and probably no firewalls either.

Comments are closed.