Armscor website hacked


The hacking of its website this week has not affected sensitive and classified content, Armscor said.

The defence and security acquisition agency’s General Manager: Marketing And Business Development, Lulu Mzili, said in a statement Armscor “was aware of the breach of its website”.
“A team of cyber experts has been convened to conduct a forensic analysis to determine the full extent of the incident. This is to ensure that tighter measures and interventions are in place to prevent similar attempts recurring.
“While the investigation is being undertaken, Armscor can confirm at this stage the information access does not contain sensitive and classified content.
“We are aware of the increase in cyber threats globally, hence IT infrastructure renewal is an Armscor strategic focus area,” she said, adding Armscor stakeholders need not worry as “the matter was receiving undivided attention”.

According to the hackread website “the operation OpAfrica has found another victim. This time it’s the Pretoria-based arms procurement agency, Armscor. The breach can be labelled as a massive hack because Armscor is the official arms procurement agency of the SA Department of Defence”.
“The hacktivist behind this hack is the same one who previously hacked two Israeli arms importers and leaked client details in public for operation Opisrael. This time the hacker has chosen the dark net to leak 63 MB data in HTML files that includes invoice numbers, order numbers, invoice amounts, etc. of Airbus, Thales, Rolls Royce, EADS and Denel, among others.” Data from Siemens, Boeing, BAE Systems, Panasonic, Glock and Microsoft was also obtained.

The hacked data was put online on Sunday night.

The site added the hacktivist had gained access to 19 938 suppliers IDs, names and plant text passwords using “a simple SQL injection”. These passwords allow anyone to log in to Armscor as a supplier or manager.

The hackers are believed to be linked to Anonymous. Hacktivists calling themselves Anonymous Africa last month hacked the SABC website as well as those linked to the Gupta family in what they said was their targeting of corrupt governments. Hackers also published data from Kenya’s Ministry of Foreign Affairs in late April, and various African nations have been targeted by hackers, including Tanzania, Uganda, and Rwanda.