Friday, December 04, 2015

Friday, December 04, 2015

The official website of the Akwa-Ibom State Government has been hacked by an unknown person that calls himself Xvirus. The website has been defaced and replaced with a page linking to the hacker's Facebook account.
It should be noted that this is not the first time that the websites of Nigerian Governmental Agencies, Ministries and the official website of the Federal Government itself have been hacked. One can recall some months ago when some hackers defaced our official website

Although this hack attempt will be neutralised once the web developers of the website observe it (which is one of the aims of this write-up), it should be stressed that we need to protect our websites, especially vital and sensitive ones such as the Governmental Websites, from hackers. Vital documents can be stolen, confidential matters laid bare, and a whole lot of other calamities can be conjured by the hackers to unleash mayhem in a myriad of ways upon us and/or our Governments.
It is time for Nigeria to rethink her cyber security. When was the last time we heard that Governmental websites in the U.S. or U.K. were hacked? Are their computers, servers, web-hosts, etc, any different from ours? These nations pay critical attention to cyber security. Infact, when a website belonging to a major movie production company was hacked last year, the United States Government treated the issue as a national security threat and responded pro-actively.
We need to make our websites hack-proof by employing "ethical hackers" (such as myself ) to test websites for exploits and vulnerabilities that may render them hackable. Websites should be hosted on dedicated servers which are procured legitimately and protected from leeching, viruses, illegal RDP connections, etc. Governmental websites must employ SSL certificates and make their connection HTTPS "secure"! Websites must make directory listing impossible and also prevent hotlinking of files. File uploads, if they must be present, should be routed to temporary folders or public directories and should not be in the same directories with vital website files. File extensions must be limited to "PNG", "FLV", "OGG", etc. These extensions are harder to use as "viral masks". Ports should be limited to basic ones like :80, :8080, :2096 and :2082. Ports such as :2222, :53, :21, etc, should be disabled if possible and forwarded if impossible. Daily backups, at best, and weekly backups, at worst, should be carried out on servers and websites. IP blacklisting should be enabled and site hits closely monitored. In fact, I could go on and on on cyber security and would not get tired. However, I have said the most salient points that should be put in place for a "hack-proof website". While no website is "TOTALLY SAFE" from hack attempts, we can minimise their possibilities and make it harder to attempt by blocking all vulnerabilities.
Please we need CHANGE in CYBER SECURITY or else, a terrible hacker shall soon rise and undertake a "cyber-coup" of our Federal Government! All levels of Governments in the country should take note. It should finally be noted that I am simply a student of knowledge and a devout computer "worshipper", I do not claim to be an authority. In essence, my write-up is subject to scrutiny, edits, corrections and what-have-we.

Akwa-Ibom State is the largest oil producing state in Nigeria! Its capital is in the serene and notably neat city of Uyo. The current Governor is Deacon Udom E. Udom.
See screenshot below:

0 comments:

Post a Comment