SAPS website hacker interviewed

Domainer, the Anonymous hacker behind the release of data from the SAPS website reveals how he breached the site’s security

May 22, 2013
DomainerAnon SAPS

A simple SQL injection attack was all that was needed to get hold of data stored in the database of the South African Police Service website, the hacker responsible for the breach recently told MyBroadband.

Going by “Domainer” (or @DomainerAnon on Twitter), the hacker said the attack was made possible by a poorly designed website.

Domainer confirmed that the attack on the SAPS website on Friday (17 May 2013) was in retaliation for “the lack of adequate justice for the slaughtered miners” at Marikana.

“It also highlighted the fact that SAP’s own duty of care, namely the security of information on its servers is questionable,” Domainer said.

On Wednesday (22 May 2013), Divisional Commissioner of Technology Management Services, Lieutenant General Bonginkosi Ngubane responded to Domainer’s statement, saying that he doesn’t think it’s a fair comment to make.

“There is a commission of inquiry that’s ongoing [into the events at Marikana],” Ngubane said. “I think it’s an unfair statement to judge the police before the commission is finished.”

Following Domainer’s release of the data from the SAPS website, eNCA reported that “hundreds of whistle-blowers have had their private details exposed”, resulting in a mixed response on social media.

SAPS website hack by Domainer criticism

Criticism of SAPS website hack by Domainer

“Yes, it seemed as though my release of the SAP data fired up some South African people,” Domainer said, adding that whether stemming from criticism or praise, the debate and understanding that follows it is important.

However, Domainer didn’t put much stock in people’s concerns over the information he exposed.

“I laughed when I was accused of ‘blowing’ covers of so-called whistle-blowers,” Domainer said. “I read one e-mail which complained to the police of their lack of service. Another mail reported their missing cat!”

Regardless of the content of the data put online, Domainer said that it must be emphasised that it is the duty of the police that hold this information to ensure its security.

“Back in late 2012 I tweeted the fact that I believed the SAP servers were vulnerable to attack, but at that time had no reason to continue the hack,” Domainer said.

Questioned about why the information obtained through the hack was released publicly, Domainer explained that it was released the same way as all Anonymous data is released.

“That is to say, within public mediums whether it be WikiLeaks, Twitter, et cetera.”

Daniel Mashao

Daniel Mashao

Are you worried about getting caught?

At a press event held on Wednesday (22 May 2013), head of critical systems at the State Information Technology Agency (SITA), Daniel Mashao said that they are concerned about the security of the government websites they host, but are working hard to ensure that they are secure.

Domainer wouldn’t say if he had attacks on other South African government websites in mind.

“It would not be wise or prudent of me to discuss any further attacks on any government,” Domainer said.

Domainer wasn’t worried about being caught by the SAPS, however, despite Ngubane stating that an investigation by Crime Intelligence Division had already yielded some results.

“Crime Intelligence?” Domainer quipped. “Sorry I had to laugh. They have nothing… just pretending that they are doing their job.”

Bonginkosi Solomon Ngubane

Bonginkosi Solomon Ngubane

No confidential data leaked in website hack: SAPS

SAPS website hacked, sensitive info leaked: reports

Spyware servers in South Africa: the plot thickens

Dictators used SA surveillance equipment: WikiLeaks

ANCYL website hacker tells all

Original ANCYL website hacker speaks out

Tags: Bonginkosi "Solomon" Ngubane, Crime Intelligence Division, Daniel Mashao, Domainer, DomainerAnon, Headline, South African Police Service (SAPS), State Information Technology Agency (SITA)

Free Email Newsletter:
Subscribe

Shutterstock is the image partner of MyBroadband – technology images can be found here

Join the conversation

Connect with MyBB

twitterfacebookandroidappleblackberrynewsletterfeed

Poll

Have you ever lied on your CV?

View Results

Loading ... Loading ...

More News

Top tech specials this weekend

Sale

If you are looking for a tablet, TV, or laptop, you can save thousands of rands this weekend

Another SA iStore robbed

The five colors of the new iPhone 5C are seen after Apple Inc's media event in Cupertino, California September 10, 2013.

Another iStore was robbed in Gauteng on Friday — this time at Centurion Mall in Pretoria, police said

Finance Minister Nhlanhla Nene’s fake Facebook profiles

The loading screen of the Facebook application on a mobile phone is seen in this photo illustration taken in Lavigny May 16, 2012. REUTERS/Valentin Flauraud

There are several fake Facebook accounts purporting to be those of Finance Minister Nhlanhla Nene, his ministry said on Friday

SABC won’t be held to ransom by actors: Motsoeneng

SABC logo TV screens

The SABC will not allow itself to be held to ransom by actors, the public broadcaster’s COO Hlaudi Motsoeneng said on Friday

Free MyBroadband Newsletter:
Subscribe
X
bool(true)