DBM website hacked

MANILA, Philippines (UPDATED) – The official website of the Department of Budget Management (DBM) on Wednesday, April 25, appeared to be down after it was defaced by hackers claiming to be Chinese.

The DBM homepage at www.dbm.gov.ph, at approximately 2:15 in the afternoon, displayed an image of the Chinese flag along with text announcing that it had been hacked by “Chinese Hackers.” (The site is now being redirected to the old DBM web site.)

The homepage also displayed a “warning” from the hackers: “Don’t trouble the Chinese, Don’t Play with Fire,” and was also made into a chat room by the hackers.

The messages, written in Chinese characters, did not convey messages that bashed the Philippines. Instead, the conversations were about other things, based on rough translations made online.

Some of the messages said the same group claimed turning numerous other sites into chat rooms – including a Vietnamese government website.

The Chinese characters 菊花聊天室 – which literally translates into “Chrysanthemum Gossip Room” – when searched online, leads to links of other sites that were allegedly hacked by the same group.

Data intact, says DBM

As of posting time, the DBM website redirects to the department’s old website. 

The hacking incident happened amid increasing tension between the Philippines and China over the controversial Scarborough Shoal. The standoff between the 2 countries, according to Chinese state media, has put the relationship between China and the Philippines “to its lowest ebb for years.”

[Background: Scarborough Shoal according to Manila, Beijing]

Less than a week ago, the University of the Philippines website was also defaced by hackers claiming to be from China.

The DBM website has been hacked before. In 2010, the site was hacked by a group that called itself “Xentrix Cyber Team and Soldier of Allah,” according to a report on the Philippine Daily Inquirer.

“Our initial findings indicate that all important data in the website remain intact. We are at present conducting a security audit on the site, which will remain offline until the audit has been completed and the necessary repairs are made. In addition, we have yet to establish the true identities of the parties or individuals responsible for the attack,” the department said in a statement.

The department said it did a “soft launch” of its new site last week, “designed to be more user-friendly, navigable, and interactive for web users and visitors.” It added: “It is fortunate that we shifted to the new platform, which presents fewer security risks than the DBM’s previous content management system.” – Rappler.com