Well, as everybody has heard, the eNatis website has been hacked last night…. or rather that’s what the media claims. It was actually defaced.
Some media hype has suggested that the eNaTIS system was hacked recently. This was apparently due to someone leaving a comment on a page of a section of the eNaTIS public web site (this site). The suggestion that eNaTIS was hacked is actually laughable. The eNaTIS public web site is in no way connected at all to the eNaTIS system. This choice was a deliberate design choice.
Actually it was just a defacement of one of the pages, most probably a script-kiddy(some kid/inexperience computer nerd that uses tools freely available on the internet) which haven’t even started growing a beard yet.
The thing that disturbed me the most actually was not the defacement, but the fact that they are using an open source cms system called Joomla for their site, and an outdated version at that which means security holes, which “script-kiddies” over the internet quickly identify and deface for fun. The website one can quickly sees has been put together but just replacing a few images here and there from existing theme packs available for download on the internet.
I would reckon for a project that has driven R46m out of taxpayers’ pockets would at least have something decent as a “public face” for the system . Yes – the website is not “connected” to the eNatis system but still in essence there was a compromise, maybe the compromise bought someone their 3rd M3 ? Although Joomla and other are good systems and can be used, but with the right amount of skill behind it.
Thanks for showing us where our money really is going. Hopefully soon the whole eNatis story will blow over and we will get our money’s worth out of it.