{"id":78516,"date":"2013-05-22T22:53:40","date_gmt":"2013-05-22T20:53:40","guid":{"rendered":"http:\/\/mybroadband.co.za\/news\/?p=78516"},"modified":"2013-05-23T08:22:26","modified_gmt":"2013-05-23T06:22:26","slug":"saps-website-hacker-interviewed","status":"publish","type":"post","link":"https:\/\/mybroadband.co.za\/news\/security\/78516-saps-website-hacker-interviewed.html","title":{"rendered":"SAPS website hacker interviewed"},"content":{"rendered":"<p>A simple SQL injection attack was all that was needed to get hold of data stored in the database of the <a title=\"South African Police Service\" href=\"http:\/\/mybroadband.co.za\/vb\/showthread.php\/485318-South-African-Police-Service-SAPS\">South African Police Service<\/a> website, the hacker responsible for the breach recently told MyBroadband.<\/p>\n<p>Going by \u201cDomainer\u201d (or <a href=\"https:\/\/twitter.com\/DomainerAnon\">@DomainerAnon<\/a> on Twitter), the hacker said the attack was made possible by a poorly designed website.<\/p>\n<p>Domainer confirmed that the attack on the SAPS website on Friday (17 May 2013) was in retaliation for \u201cthe lack of adequate justice for the slaughtered miners\u201d at Marikana.<\/p>\n<p>\u201cIt also highlighted the fact that SAP\u2019s own duty of care, namely the security of information on its servers is questionable,\u201d Domainer said.<\/p>\n<p>On Wednesday (22 May 2013), Divisional Commissioner of Technology Management Services, Lieutenant General <a title=\"Bonginkosi Ngubane\" href=\"http:\/\/mybroadband.co.za\/vb\/showthread.php\/532259-Bonginkosi-Ngubane\">Bonginkosi Ngubane<\/a> responded to Domainer\u2019s statement, saying that he doesn\u2019t think it\u2019s a fair comment to make.<\/p>\n<p>\u201cThere is a commission of inquiry that\u2019s ongoing [into the events at Marikana],\u201d Ngubane said. \u201cI think it\u2019s an unfair statement to judge the police before the commission is finished.\u201d<\/p>\n<p>Following Domainer\u2019s release of the data from the SAPS website, eNCA reported that \u201chundreds of whistle-blowers have had their private details exposed\u201d, resulting in a mixed response on social media.<\/p>\n<div id=\"attachment_78518\" style=\"width: 545px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" aria-describedby=\"caption-attachment-78518\" class=\"size-full wp-image-78518\" alt=\"SAPS website hack by Domainer criticism\" src=\"http:\/\/mybroadband.co.za\/news\/wp-content\/uploads\/2013\/05\/SAPS-website-hack-by-Domainer-criticism.jpg\" width=\"535\" height=\"257\" \/><p id=\"caption-attachment-78518\" class=\"wp-caption-text\">Criticism of SAPS website hack by Domainer<\/p><\/div>\n<p>\u201cYes, it seemed as though my release of the SAP data fired up some South African people,\u201d Domainer said, adding that whether stemming from criticism or praise, the debate and understanding that follows it is important.<\/p>\n<p>However, Domainer didn\u2019t put much stock in people\u2019s concerns over the information he exposed.<\/p>\n<p>\u201cI laughed when I was accused of \u2018blowing\u2019 covers of so-called whistle-blowers,\u201d Domainer said. \u201cI read one e-mail which complained to the police of their lack of service. Another mail reported their missing cat!\u201d<\/p>\n<p>Regardless of the content of the data put online, Domainer said that it must be emphasised that it is the duty of the police that hold this information to ensure its security.<\/p>\n<p>\u201cBack in late 2012 I tweeted the fact that I believed the SAP servers were vulnerable to attack, but at that time had no reason to continue the hack,\u201d Domainer said.<\/p>\n<p>Questioned about why the information obtained through the hack was released publicly, Domainer explained that it was released the same way as all <a title=\"Anonymous\" href=\"http:\/\/mybroadband.co.za\/vb\/showthread.php\/362618-Anonymous\">Anonymous<\/a> data is released.<\/p>\n<p>\u201cThat is to say, within public mediums whether it be WikiLeaks, Twitter, et cetera.\u201d<\/p>\n<div id=\"attachment_78478\" style=\"width: 610px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" aria-describedby=\"caption-attachment-78478\" class=\"size-full wp-image-78478\" alt=\"Daniel Mashao\" src=\"http:\/\/mybroadband.co.za\/news\/wp-content\/uploads\/2013\/05\/Daniel-Mashao.jpg\" width=\"600\" height=\"400\" srcset=\"https:\/\/mybroadband.co.za\/news\/wp-content\/uploads\/2013\/05\/Daniel-Mashao.jpg 600w, https:\/\/mybroadband.co.za\/news\/wp-content\/uploads\/2013\/05\/Daniel-Mashao-250x166.jpg 250w\" sizes=\"(max-width: 600px) 100vw, 600px\" \/><p id=\"caption-attachment-78478\" class=\"wp-caption-text\">Daniel Mashao<\/p><\/div>\n<h3 class=\"my-4\">Are you worried about getting caught?<\/h3>\n<p>At a press event held on Wednesday (22 May 2013), head of critical systems at the State Information Technology Agency (SITA), Daniel Mashao said that they are concerned about the security of the government websites they host, but are working hard to ensure that they are secure.<\/p>\n<p>Domainer wouldn\u2019t say if he had attacks on other South African government websites in mind.<\/p>\n<p>\u201cIt would not be wise or prudent of me to discuss any further attacks on any government,\u201d Domainer said.<\/p>\n<p>Domainer wasn\u2019t worried about being caught by the SAPS, however, despite Ngubane stating that an investigation by Crime Intelligence Division had already yielded some results.<\/p>\n<p>\u201cCrime Intelligence?\u201d Domainer quipped. \u201cSorry I had to laugh. They have nothing\u2026 just pretending that they are doing their job.\u201d<\/p>\n<div id=\"attachment_78480\" style=\"width: 610px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" aria-describedby=\"caption-attachment-78480\" class=\"size-full wp-image-78480\" alt=\"Bonginkosi Solomon Ngubane\" src=\"http:\/\/mybroadband.co.za\/news\/wp-content\/uploads\/2013\/05\/Bonginkosi-Solomon-Ngubane.jpg\" width=\"600\" height=\"400\" srcset=\"https:\/\/mybroadband.co.za\/news\/wp-content\/uploads\/2013\/05\/Bonginkosi-Solomon-Ngubane.jpg 600w, https:\/\/mybroadband.co.za\/news\/wp-content\/uploads\/2013\/05\/Bonginkosi-Solomon-Ngubane-250x166.jpg 250w\" sizes=\"(max-width: 600px) 100vw, 600px\" \/><p id=\"caption-attachment-78480\" class=\"wp-caption-text\">Bonginkosi Solomon Ngubane<\/p><\/div>\n<h3 id=\"related\">More information security and website hacking articles<\/h3>\n<p><a href=\"http:\/\/mybroadband.co.za\/news\/security\/78476-no-confidential-data-leaked-in-website-hack-saps.html\"><strong>No confidential data leaked in website hack: SAPS<\/strong><\/a><\/p>\n<p><a href=\"http:\/\/mybroadband.co.za\/news\/security\/78382-saps-website-hacked-sensitive-info-leaked-reports.html\"><strong>SAPS website hacked, sensitive info leaked: reports<\/strong><\/a><\/p>\n<p><a href=\"http:\/\/mybroadband.co.za\/news\/security\/77814-spyware-servers-in-south-africa-the-plot-thickens.html\"><strong>Spyware servers in South Africa: the plot thickens<\/strong><\/a><\/p>\n<p><a href=\"http:\/\/mybroadband.co.za\/news\/telecoms\/39239-dictators-used-sa-surveillance-equipment-wikileaks.html\"><strong>Dictators used SA surveillance equipment: WikiLeaks<\/strong><\/a><\/p>\n<p><a href=\"http:\/\/mybroadband.co.za\/news\/general\/30120-ancyl-website-hacker-tells-all.html\"><strong>ANCYL website hacker tells all<\/strong><\/a><\/p>\n<p><a href=\"http:\/\/mybroadband.co.za\/news\/internet\/30574-original-ancyl-website-hacker-speaks-out.html\"><strong>Original ANCYL website hacker speaks out<\/strong><\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Domainer, the Anonymous hacker behind the release of data from the SAPS website reveals how he breached the site\u2019s security<\/p>\n","protected":false},"author":15,"featured_media":78520,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[27],"tags":[19582,19580,19584,19578,19576,35,19238,18068],"class_list":["post-78516","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-security","tag-bonginkosi-solomon-ngubane","tag-crime-intelligence-division","tag-daniel-mashao","tag-domainer","tag-domaineranon","tag-headline","tag-south-african-police-service-saps","tag-state-information-technology-agency-sita"],"_links":{"self":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts\/78516"}],"collection":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/users\/15"}],"replies":[{"embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/comments?post=78516"}],"version-history":[{"count":1,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts\/78516\/revisions"}],"predecessor-version":[{"id":78522,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts\/78516\/revisions\/78522"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/media\/78520"}],"wp:attachment":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/media?parent=78516"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/categories?post=78516"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/tags?post=78516"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}