Internet hacker 'puts' penis in DOH head's mouth

ABS-CBN News

Posted at Jan 05 2010 11:52 PM | Updated as of Jan 06 2010 07:52 AM

Hackers tampered with a picture of Health Sec. Francisco Duque III (left). The original picture (right) shows him blowing on a horn.

MANILA, Philippines - Hackers vandalized several official government websites prior to the holidays, prompting internet security experts to question the government's ability to protect sensitive information.

On December 17, users visiting the Department of Health (DOH) website found a picture of Health Sec. Francisco Duque III apparently holding genitals towards his mouth.

On the upper left corner of the picture, which accompanied a press release about the DOH's firecracker ban campaign, was a drawing of a penis with the words "Use Penis" next to it.

The original picture showed Duque blowing on a "torotot" or horn.

The DOH had encouraged the public to make noise with horns or pans instead of using firecrackers during the holidays in order to minimize firecracker-related injuries.

Before the DOH website could be fixed, the tampered picture was quickly spread in social networking sites.

The next day, alleged Indonesian hackers broke into the official website of the Department of Social Welfare and Development (DSWD).

The DSWD home page displayed a large picture of a green and glowing Grim Reaper bearing the words "Hacker-newbie.org", a Bahasa forum reportedly for hacker communities.

More recently, the National Disaster Coordinating Council's official website was also hacked by "Heart Hacker."

Viewers visiting the agency's home page instead saw a black-and-gray message box proclaiming that the site had been hacked.

Can elections be 'hacked'?

Information Technology (IT) expert Jerry Lao said hackers can break into web servers, the "space" where websites are housed or located, by breaking a password or entering through the "back door."

"Once you get in, you can practically do anything with the site," he said.

Lao said the series of hacking incidents on Philippine government websites serves as a "wake-up" call for authorities, especially military agencies like the NDCC, to heighten their website security.

"Huwag sila basta basta mag-host lang na hindi nila man lang tinitignan kung ano ang mga security features ng web company. (They shouldn't just host on a server without looking at the web company's security features)," he told ABS-CBN News in an interview.

Experts like Lao broached the possibility of hackers breaking into government websites and tampering with vitally important data, such as those of the Commission on Elections, which is overseeing poll automation in 2010.

"The security features of the Comelec, I'm pretty sure, are stringent and it's harder to get in. But hackers can still try to get in. The question is, can the Comelec handle it?" Lao said.

Comelec spokersperson James Jimenez, however, said he is confident that the Comelec's software and database for the automated elections cannot easily be compromised.

He said the poll body had meticulously studied the database's security features and protocol.

"The protocol for protecting the website, it's something that we've had experience with. And we are confident that we can do that for the 2010 elections," he said. Report by TJ Manotoc, ABS-CBN News.