Dozens of Singapore websites, possibly more than 180, have been defaced by hackers in two separate occasions this week.
The latest batch of defacements, which occurred at 11am yesterday, affected over 80 websites, reported SingCERT, a cyber security organization started by government agency IDA. Some of those sites belong to the Reform Party (RP), an opposition political party in Singapore.
The RP has alleged on its Facebook Page that hackers compromised its site by inserting a webpage with an image of a defaced Singapore flag. The word ‘looser’ was written across it. Kenneth Jeyaretnam, secretary general of the RP, confirmed that the perpetrators claimed to be from Anonymous Indonesia.
Jeyaretnam added that IDA has ordered the party to take the site down. It is still offline as of 12.30am today.
SingCERT has notified hosting providers about the intrusions. It said that no government websites were affected.
An earlier set of incidents may have affected at least 103 websites, according to Zone-H.org, which archives online defacements. A group called Lopht Crews is apparently responsible, and many of the digital graffiti are still present on the websites.
This type of intrusion are usually done through one of two ways: SQL injections, a technique for gaining administrative access to the website by manipulating the database, or by obtaining the username and password to the server’s File Transfer Protocol.
It’s unclear how often such defacements occur to Singapore websites. Nonetheless, Zone-H has documented that between 60,000 to 120,000 of these incidents happen every month on a global scale.