If you tried to access the Ministry of Finance website on Wednesday, you were welcomed with a “We’ll be back soon!” message against a white background. The website was down for maintenance.
Reason: a hacker had accessed the website and left his mark. That is all we know, basing from the visible evidence, but it is unlikely there was much damage done. The website is back up.
It is not the first time the website is being hacked. Last December, hackers left a “black screen bearing the logo for the Kosovo Liberation Army, along with a YouTube link to the unofficial Kosovan national anthem.”
This week’s hacker was more considerate to the ministry’s beleaguered IT team and only created a page to show off their catty exploits.
The website is hosted on WordPress, the world’s most popular content management system. This also makes it very susceptible to hacking since the platform is a very popular target.
However, there are also a number of tools to prevent such from happening – in addition to routinely carrying out very basic yet essential security practices. WordPress has several free plugins that provide basic security. For more comprehensive protection, they offer paid plugins.
It is unlikely any sensitive data was compromised in the hack. From the look of things, the website is a depository of laws, reports, and other publications – and does nothing much else.
It’s still embarassing; this is a government department that employs people after laborious, bureaucratic processes. At the very least, they should get people competent enough to stem these frequent attacks.