Published by the government of Zimbabwe
13 May 2008
Harare — HACKERS sabotaged The Herald's website database on Sunday night, changing headlines on the latest web edition.
The hackers, believed to be operating outside Zimbabwe, managed to get through security systems on both the server and database at the Internet service provider hosting the website and changed headlines on the front page.
The changes were sufficiently simple and basic that all visitors realised the site had been hacked. Within a few hours of the attack, the site was taken off the Internet while new security measures were implemented.
Other Zimpapers titles, which all have their own unique protection, were not affected.
Zimpapers IT manager Mr Thompson Ndovi yesterday said the sabotage probably took place between Sunday evening and Monday morning and measures were being put in place to make a second assault far harder.
"The indications are that somebody managed to access our servers hosted by our Internet service provider and corrupted our database so that the news headlines we had uploaded changed.
"The uploading process itself is very secure and it is up to the ISP to provide adequate security, primarily through firewalls, for our websites.
"The Internet is generally not secure in Zimbabwe and it is only because there are few opportunities in hacking that few Zimbabweans are interested in it. But The Herald is certainly vulnerable especially in the obtaining political situation, and we are putting in place measures, along with our ISP, to improve security.
"We are not at liberty to divulge what these measures are as this would alert the hackers and give them the opportunity to try and do this again," Mr Ndovi said.
However, the measures taken mean that the data used for Sunday night's hacking will no longer work and it will be considerably harder to generate the data for another successful attack on the site.
After a successful attack on the Chronicle website several years ago, probably by a disgruntled former employee, Zimpapers upgraded security significantly. The hacking of The Herald website means that almost all Zimbabwean websites are vulnerable.
Hackers are people who break into computer and network security systems for motives that can range from political beliefs to financial gain. Internet banking systems are a common target.
Sophisticated software is now readily available within the "hacker community" that helps hackers identify servers hosting a website or database and then enter this to change it or to steal private information.
Identity theft and raids on banking sites have become the most common criminal activity on the Internet.
Even exceptionally well-protected servers, such as some of those owned by the US military, have been successfully attacked.
However, there are measures that can be taken to make it far harder for hackers to get into a database or site and it looks as if almost all Zimbabwean site owners and hosts will have to upgrade security now that hackers are active here.
There has been discussion in recent months in some of the external Zimbabwe forums on the Ielad websitenternet egging on hackers to attack Zimpapers.
Be the first to Write a Comment!
Copyright © 2008 The Herald. All rights reserved. Distributed by AllAfrica Global Media (allAfrica.com). To contact the copyright holder directly for corrections — or for permission to republish or make other authorized use of this material, click here.
AllAfrica aggregates and indexes content from over 125 African news organizations, plus more than 200 other sources, who are responsible for their own reporting and views. Articles and commentaries that identify allAfrica.com as the publisher are produced or commissioned by AllAfrica.
