Nexus -
info_outline
Stay signed in to save your points and redeem your rewards at Nexus

Your Rewards are Waiting!

Stay signed in to save the points you've earned. Click on the points to redeem your rewards at Nexus before they expire.

Login In Now
Cybersecurity

Nacsa says Health Ministry, other govt agency websites hacked; urges immediate patch to fix vulnerability

By Christopher Fam
An advisory, published yesterday (June 26) via the National Cyber Coordination and Command Centre (NC4) website, points to a vulnerability in a content editing extension in the Joomla content management system (CMS) which allowed the websites to be compromised. — Pixabay

PETALING JAYA: The National Cyber Security Agency (Nacsa) says that several government websites, including those of the Health Ministry (MOH), Malaysia Co-operative Societies Commission, Handicraft Development Corporation, and Women's Development Department (JPW), have been hacked.

An advisory, published yesterday (June 26) via the National Cyber Coordination and Command Centre (NC4) website, points to a vulnerability in a content editing extension in the Joomla content management system (CMS) which allowed the websites to be compromised.

"The hack is believed (to be) due to vulnerabilities mentioned in the advisory. MOH has been informed and is taking the necessary mitigation actions," says a Nacsa spokesperson in a statement to StarLifestyle.

The advisory further states the vulnerability allows for a remote attacker to create rogue CMS editor profiles to "upload and execute arbitrary PHP code, resulting in full pre-authentication remote code execution (RCE) on the affected web server".

This allows attackers to establish persistent backdoor access to the website, with "code execution ability potentially leading to data theft, defacement, lateral movement, and complete takeover of the hosting environment".

This means that the confidentiality, integrity, and availability of the affected websites and the data that they possess are at risk.

"Malaysian NCII (National Critical Information Infrastructure) entities affected by this advisory are advised to report indicators or incidents to NC4 as per required under Act 854 for National coordination and intelligence sharing," the advisory states.

The agency further urges any website using the Joomla Content Editor to update to version 2.9.99.6, or at least 2.9.99.5. It states that for those unable to meet system requirements for those versions, there are free patches available from the software provider.

Nacsa further says to enact various mitigation efforts in the advisory.

The Health Ministry's website earlier appeared to have been hacked by a group calling themselves Mushr00w and was inaccessible at the time of writing.

Follow us on our official WhatsApp channel for breaking news alerts and key updates!

Trending in Tech

Others Also Read

Load more

Copyright © 1995- Star Media Group Berhad [197101000523 (10894-D)]

Best viewed on Chrome browsers.