Hackers use govt sites to push ads

Two-thirds of 500 cyberattacks on government websites last year were done by hackers who wanted to promote their online gambling services, the Ministry of Digital Economy and Society (DES) revealed yesterday.

DES Minister Chaiwut Thanakhamanusorn said gambling sites embed their codes and scripts within public sector websites to expand hits and viewers whenever people access government websites to look for information or services.

One of the hackers’ main targets among the websites of 20 ministries and private sector bodies were educational sites, followed by those of public health agencies and local administrative offices, he added.

Mr Chaiwut said private sector websites were the hackers’ prime targets as these sites were verified by Google, unlike direct online gambling websites, which are illegal in the kingdom.

The government has, therefore, worked with the search engine to block or delete links to the websites.

“When people access some government websites, they might see advertising for online gambling and might think that we promote these sites, which is not true. Hacking government websites is a crime,” he said.

To resolve this cyberattacking problem, the National Cyber Security Agency (NCSA) had proposed both short-term and long-term prevention measures to the cabinet while following up another ministry’s problem-solving methods, Mr Chaiwut said.

The NCSA also sent evidence of cyberattacks to every internet provider, so they could take down any websites or accounts that were found to be involved in hacking activities.

One of the biggest attacks was included in a Police Cyber Taskforce’s (PCT) charge against an online gambling gang that hacked private sector websites in October.

Meanwhile, Mr Chaiwut said that PCT officers would press charges against every fraudster who hacks into the sites of the private sector.

The PCT advised website administrators to check the security of their websites and to resolve any hacking immediately.

Mr Chaiwut also warned people not to click on suspicious URLs in emails or texts.