Government website hacked

L.S.M Kabweza

18 March 2013

Yesterday, we noticed that a government website, www.mines.gov.zw, was hacked. The website belongs to the Ministry of Mines and Mining Development. It was designed and is hosted by the Government Internet Service Provider (GISP) so we sent them an email notifying them just in case they don’t know it yet.

The website was defaced. Along the website’s legitimate text and links appears the words “Hacked By muStireiS”. We have highlighted the text in red in the image below.

Ministry of Mines and Mining Development website

Besides the defacement, its not clear (and it’s unlikely) there’s any other damage done. As for how it happened; it could be someone just taking advantage of unpatched known vulnerabilities in the content management system. It could also be the bad old practice of leaving default passwords unchanged. We’ll try to get comment from GISP on the matter.

Connectivity

Xiaomi Redmi 13C (128GB, 4GB)

$120
Xiaomi Redmi Note 13 Pro+ 5G (256GB, 8GB)

$340
Samsung Galaxy A15 (128GB, 4GB RAM)

$154
Samsung Galaxy A05s (128GB, 4GB RAM)

$130

Browse more phones

11 comments

vaGudoguru

18 March 2013 09:22

The hacker should have asked: “Were are you putting the diamond revenue?”
Joe Black

18 March 2013 09:24

*sigh* the struggle continues, comrades.
brainy

18 March 2013 09:37

@techzim
is there is cyber ecurity company on Zimbabwe soil? asked google he did not have the answer..
1. Rocka
  
  18 March 2013 22:05
  
  There is a huge skill gap at the moment in zim in terms of cyber security professionals. Most of the security gurus left the country due to the lack of “real security” at most organisations in Zim. I would want to believe they are a few guys left in zim and the Big 4 consulting companies can help. However, most of these are 5-7 years behind due to lack of investment and advanced training.
  1. brainy
    
    18 March 2013 23:43
    
    can you pliz give me a name for same of the Big 4 consulting companies, it would be of gt8 help…
    1. Rocka
      
      19 March 2013 01:30
      
      Deloitte, PWC, E&Y and KPMG
      1. Glonass
        
        16 January 2015 10:25
        
        Are you serious those are IT Security Firms in Zimbabwe? You must be joking
Guest

18 March 2013 11:23

joomla to blame!
tinm@n

18 March 2013 11:29

Most of these attacks are automated. If you have worked for an ISP, you can testify on the barrage of attacks one gets daily. There’s hardly any political motivation or incentive on data for such websites. Thank goodness for Zim, generally, actual data is not hosted by the same network that contains actual government data… a situation that’s prevalent hasnt worked well for the developed nations.

The good thing about it is that it embarasses those concerned(leaders and those technically responsible). Makes them more security aware
tinm@n

18 March 2013 11:33

Hedious website by the way.That animated graphic is a distraction and eyesore…amongst many things
Member

18 March 2013 14:45

most of these gisp designed are still on joomla 1.5, i think it is time to upgrade now.

Home