Embassies server attacked again

A government server where the user names and passwords of embassy personnel were stored was attacked on Wednesday but initial investigations showed that no data was extracted, the Malta IT Agency said. The cyber attack was made public by the government...

A government server where the user names and passwords of embassy personnel were stored was attacked on Wednesday but initial investigations showed that no data was extracted, the Malta IT Agency said.

The cyber attack was made public by the government agency yesterday in complete contrast to the course of action adopted in September over a similar hacking incident, which was characterised by lack of information and transparency.

Mita said it identified "unauthorised software" on the embassies server, which stores the user credentials of personnel in Maltese embassies.

The agency did not say whether any personnel were questioned over the cyber attack. Neither did it specify whether the software was downloaded intentionally.

"The unauthorised software was identified by security monitoring and alerting tools, which have been recently implemented by the agency within an overall framework of security tightening," Mita said.

The agency asked its US-based IT security advisory firm to provide it with an assessment of the potential breach.

The preliminary analysis indicated that the software had the potential to extract user names and passwords on the embassies server only. The agency said it found no evidence that similar attacks were carried out on other government servers.

As a precautionary measure Mita disabled the accounts of users on the embassies server and other individuals occupying sensitive positions.

Apart from this, other users hooked up to the government network were yesterday requested to change their passwords as a preventive measure.

Mita said it deployed a number of specialised teams to handle the volume of incoming calls at its service call centre, which provided services to all the employees in the public sector.

Up to 4 p.m. yesterday the call centre handled 2,288 calls with the rate of refreshed accounts in one working day reaching the expected target levels.

Mita said it continued monitoring all activity on its servers and no further "anomalous activity indicative of any breach" was registered or detected.

The hacked server was isolated and the police were also informed of the attack.

ksansone@timesofmalta.com

Sign up to our free newsletters

Get the best updates straight to your inbox:

You can unsubscribe at any time by clicking the link in the footer of our emails. We use Mailchimp as our marketing platform. By subscribing, you acknowledge that your information will be transferred to Mailchimp for processing.