Singapore Prime Minister’s Website Hacked After Lee’s Threat

Singapore authorities are investigating a breach of Prime Minister Lee Hsien Loong’s website last night, one day after he said he would track down a group that announced plans to hack government online portals.

The page for searches on the website of the Prime Minister’s Office was “compromised” at 11:17 p.m. yesterday, the country’s phone and Internet regulator said in an e-mailed statement today.

“A vulnerability in that subpage was exploited to display pages from other sources,” the Infocomm Development Authority said in the statement. A subpage for searches on the Istana website, which is the main portal for the country’s president, was also compromised at 12:20 a.m., it said in a later e-mail.

Government websites have become lightning rods for hackers after Lee’s warning, said Eugene Tan, associate professor of law at the Singapore Management University. “The hackers will be very keen to see how strong your resolve is, how effective your systems really are and if they can get bragging rights,” Tan said. “It’s embarrassing for Singapore” to have the sites compromised, he said.

Cyber attacks on Singapore sites were flagged as part of the Anonymous group’s actions this week across Southeast Asia. Anonymous Philippines said it infiltrated 115 government sites before a demonstration on Nov. 5 outside congress as part of a global “Million Mask March,” coinciding with Guy Fawkes Day in the U.K., to protest against censorship and corruption. The mask of Fawkes, who tried to blow up the English Parliament in the 17th century, has become a symbol of the movement.

‘No Effort’

Lee said in a broadcast on his People’s Action Party Facebook page on Nov. 6 he took the threats “very seriously.”

“We will spare no effort to try and track down the culprits,” Lee said in the post. “If we can find him, we will bring him to justice and he will be dealt with severely. You may think you’re anonymous but we will make that extra effort to find out who you are.”

The city in July announced a five-year plan to boost cyber security. In 2009, the Singapore Infocomm Technology Security Authority, a specialist unit within the Internal Security Department, was formed to safeguard the city against cyber attacks.

“The attacks do suggest that there are a lot of areas for improvement,” said Gerry Chng, Ernst & Young’s Asean Information Security Leader in Singapore.

Licensing Laws

A website owned by Singapore Press Holdings Ltd., the city’s biggest newspaper publisher, was temporarily offline earlier this week after being hacked on Nov. 1. A video uploaded on the YouTube website last week showed a person in a Guy Fawkes mask threatening cyber attacks on the government to protest Internet regulations.

Singapore from June 1 required websites that regularly publish news on the city state to be licensed and pay a S$50,000 ($40,225) bond, to be forfeited on the publication of “prohibited content” that “undermines racial or religious harmony.” The new law has prompted criticism from Anonymous.

Singapore government agencies were put on alert for possible attacks, the Straits Times reported on Nov. 1. A person calling themselves the Messiah, a hacker with Anonymous, claimed responsibility for infiltrating the website of the Ang Mo Kio Town Council last week, the municipal branch of the prime minister’s district.