Government website hacked

L.S.M Kabweza Avatar
Ministry of Mines and Mining Development website

Yesterday, we noticed that a government website, www.mines.gov.zw, was hacked. The website belongs to the Ministry of Mines and Mining Development. It was designed and is hosted by the Government Internet Service Provider (GISP) so we sent them an email notifying them just in case they don’t know it yet.

The website was defaced. Along the website’s legitimate text and links appears the words “Hacked By muStireiS”. We have highlighted the text in red in the image below.

Ministry of Mines and Mining Development website

Besides the defacement, its not clear (and it’s unlikely) there’s any other damage done. As for how it happened; it could be someone just taking advantage of unpatched known vulnerabilities in the content management system. It could also be the bad old practice of leaving default passwords unchanged. We’ll try to get comment from GISP on the matter.

11 comments

  1. vaGudoguru

    The hacker should have asked: “Were are you putting the diamond revenue?”

  2. Joe Black

    *sigh* the struggle continues, comrades.

  3. brainy

    @techzim
    is there is cyber ecurity company on Zimbabwe soil? asked google he did not have the answer..

    1. Rocka

      There is a huge skill gap at the moment in zim in terms of cyber security professionals. Most of the security gurus left the country due to the lack of “real security” at most organisations in Zim. I would want to believe they are a few guys left in zim and the Big 4 consulting companies can help. However, most of these are 5-7 years behind due to lack of investment and advanced training.

      1. brainy

        can you pliz give me a name for same of the Big 4 consulting companies, it would be of gt8 help…

        1. Rocka

          Deloitte, PWC, E&Y and KPMG

          1. Glonass

            Are you serious those are IT Security Firms in Zimbabwe? You must be joking

  4. Guest

    joomla to blame!

  5. tinm@n

    Most of these attacks are automated. If you have worked for an ISP, you can testify on the barrage of attacks one gets daily. There’s hardly any political motivation or incentive on data for such websites. Thank goodness for Zim, generally, actual data is not hosted by the same network that contains actual government data… a situation that’s prevalent hasnt worked well for the developed nations.

    The good thing about it is that it embarasses those concerned(leaders and those technically responsible). Makes them more security aware

  6. tinm@n

    Hedious website by the way.That animated graphic is a distraction and eyesore…amongst many things

  7. Member

    most of these gisp designed are still on joomla 1.5, i think it is time to upgrade now.

2023 © Techzim All rights reserved. Hosted By Cloud Unboxed