Singapore statutory board, People's Association (PA), has confirmed hackers penetrated its main Web site, and other subsidiary sites, over the weekend.
A Facebook post by the government entity, which is responsible for promoting racial and social harmony in the island-state, on Sunday said it "discovered an intrusion" on its corporate Web site. PA added the Web site provides general information about the organization and its programmes, and does not conduct transactions.
"The team is currently investigating the incident," PA said in its Facebook post. "We are tightening the security of the Web site and will restore [its functions] as soon as possible." The organization's Web site has been inaccessible since Sunday.
When users tried accessing the Web site yesterday, they were greeted by a black page with the words "HighTech Brazil HackTeam", along with an image of a figure in a hoodie.
Hacks on Web sites operated by Singapore's government agencies or statutory bodies are rare, with the last such incident reported in 1999, according to local Chinese newspaper Lianhe Zaobao.
Ngair Teow Hin, founder and CEO of Singapore-based security vendor SecureAge, previously pointed out in an interview that the country's "vibrant" IT security environment, low rate of reported breaches and incidents, and not being at the frontline of online attacks had lulled local organizations into a "false sense of security" leaving them vulnerable.
Sixteen other Web sites under the PA including four community development councils, Singapore's water venture Web site, and the Malay Activity Executive Committee also were hacked by the same team and remain inaccessible.
Stree Naidu, vice president of Imperva in Asia-Pacific and Japan, said the hacking of these Web sites was a "classic case" of hacktivism. Any organization which has not studied its methods and attacks would be a "sitting duck", he said.
"[This] underscores the importance of preparedness among companies to be ready for hacktivism," Naidu said. "Cyber riots have become one of the main ways to cause costly breaches that not only bring down Web sites, but also lead to data walking out the front door."