HDTV/3D TV News
Hackers have found a breach in MI5’s website that allows them to attack surfers who are visiting the website and steal personal information that is stored on their PCs.
As alarming as the threat may have sounded, it is now resolved and is generally thought to have been of little value.
According to the article, a hacking team known as “Team Elite” which is currently thought to have attacked the World Health Organisation’s website, notified MI5 about the security hole, stating that the MI5 search engine was vulnerable to iFrame Injection and XSS attacks.
The problem arose because hackers could take screenshots of the content so that surfers would think they were accessing the official MI5 website and not a scam site designed to steal information.
Team Elite issued the call to arms with an over exaggerated statement that national security was in jeopardy since the security has been breached since September 2007.
However, senior technology consultant at Sophos, Graham Cluley said that MI5 would not hold sensitive information of national security on a public website that was left unencrypted, thus it was highly unlikely that while the hole existed any significant information could have been leaked.
Cluley added however that the compromised situation should hopefully alert system administrators that they need to be aware that most attacks are started from legitimate, or at least those that appear legitimate, websites.
Team Elite is comprised of security enthusiasts and programmers who make it their duty to find security problems and report the shortcomings to organisations that stand to be victimised.
Comments (0)
