According to a hacker group’s claim, 500 websites associated with the Ministry of Science have been hacked, and a significant number of documents are now in this group’s possession.
As reported by IDEA, a while ago, the Ministry of Science, Research, and Technology website went offline and became the target of cyberattacks.
Regarding the release of this news, Neda Shafiei, Deputy Director of Public Relations at the Ministry of Science, Research, and Technology, stated: The website has been taken offline for further investigation to determine whether an actual hack has occurred or not.
In some media outlets, it has been mentioned that this disruption is due to an update, and it will be resolved shortly. As of the time of reporting, the website is still inaccessible.
These attacks occurred while the website of the Civil Registration Organization was targeted in cyberattacks last week. Today, with the claim of this hacker group, the Ministry of Science’s website has gone offline.
This group has claimed that during these attacks, they gained access to 500 websites, servers, computers, and more belonging to this ministry, and they have more than 20,000 documents at their disposal.
this hacker group has previously taken responsibility for hacking organizations such as the Tehran Municipality, the Ministry of Foreign Affairs, the Ministry of Agriculture Jihad, the Ministry of Guidance, IRIB (Islamic Republic of Iran Broadcasting), the Office of the President, and others.
Where Has the Civil Registration Hack Reached?
Following the disruption of the Civil Registration Organization‘s website, there has been no clear explanation regarding these cyberattacks. The spokesperson for the Civil Registration Organization of Iran, in regard to the hacking of civil registration information, said: ‘Our information is fully secure. We have provided it to the Ministry of Health for the completion of the electronic health records. The incident that occurred is not related to us.’
Saifullah Abutorab stated: ‘Our database communicates with the Ministry of Health’s system, just like other government entities, and our connection with the Ministry of Health is related to electronic health record matters. The information that has been leaked has come from the Ministry of Health, and civil registration is not involved in it.’
What is the Basis for These Hacks?
One network security expert, about the recent cyberattacks, stated: The data is confidential, and the hackers only gained access to these websites.
Regarding the reason for this incident in terms of cybersecurity, he said: For network security, infrastructures need both “upgrades” and “updates.” “Upgrade” means upgrading the old version of the operating system, while “update” means that a company recognizes the presence of bugs and issues and addresses them by providing a new “update.” However, the reason why institutions and organizations did not take action regarding these “upgrades” and “updates” is that all these updates have a “side effect,” and everything needs to be “redesigned.” Even developers get involved in updating the codes, and this process is challenging; hence, most institutions do not undertake these actions.
He also mentioned the civil registration hack: What happened there was related to the chosen VPS (Virtual Private Server). In the sense that any operating system wanting to run a website on its own requires a web server (platform). The platform for this website, which was IIS from Microsoft, had Windows Server 2012, which made this cyberattack possible. Although the hackers only gained access to the website, the information remains entirely confidential and secure within this organization.
No Comment! Be the first one.