Why the Eu Yan Seng website hacking incident means trouble for Singapore
By Peter YuBouts of hacker vigilante justice are unpredictable – Singapore as a prominent country in the international areana means that any local site could be targeted for a cause, to send a message or for no reason whatsoever. No matter how secure your website can be, it is bound to be hacked, crash due to overwhelming traffic, server outages or more.
On 27th June, Singapore Healthcare merchant, Eu Yan Seng, had their website defaced. The Indonesian perpetrator was trying to send a message about Singaporean netizen complaints or name-calling about Indonesia on the recent hazardous haze wafting over the seas.
Why would someone choose Eu Yan Seng as a target to make his/her message known? A look up on Alexa will show that this website does not generate enough traffic to capture enough attention. As a prominent supplier of traditional Chinese medication, the target audience that would visit this site would typically be those who are older and unlikely web savvy. Yet it was still targeted as well as getting media attention.
There are definitely higher profile websites that can be attacked to make the news (various government sites, media sites, banks & etc. come to mind). Perhaps Eu Yan Seng’s website has the most vulnerable code or that in this period of haze or more people will be looking to improve their immune systems. While we can only speculate on the why, we know that damage has been done.
As a merchant with a eStore, there would lost sales / opportunity. Visitors to the site would have been put off making a purchase. There would also be a displacement of credibility for the brand. There may be an association with danger which contradicts the health benefits that Eu Yan Seng would want to promote about their products.
One thing is for sure is that Eu Yan Seng is not the only victim and collateral damage in a crusader’s mission. Other high profile hacks in recent memory include Anonymous hacking and defacing North and South Korean sites on the anniversary of the Korean War and Israeli sites in an audacious attempt to wipe them off the Internet. These are more political motivated and indeed more extensive attacks.
In many occasions, there could be an agenda or not. Some hackers just do it for the fun it, to prove that they can,bragging rights and a myriad of random reasons. The site can be defaced, crashed or have its databases deleted or all of the above. This unfortunately means that any site, at any time, for any reason could be compromised.
Corporations are especially open to such attacks and also have the most to lose. So that’s why many firms invest significant amounts of their budget each year on cyber security. Even then it is not fool-proof.
The sad thing is that while prevention is better than cure, when hackers strike, the only response is a reactive one. And when your site is defaced, offline or down, the moments following which will be crucial. Which means that the earlier that you can respond, the less you stand to lose.
The worst thing that could happen is when the website fails during off-work hours. While employers/employees work 8-10 hours a day, your website is 24/7. When you do not have a 24hr tech team on retainer or standby, there could be a few hours where the site is in purgatory and you will be paying the price.
Nothing is hack-proof, but an immediate response goes a long way. Web administrators need to get an instantaneous update via email or SMS when something goes awry with the website. They will be alerted and be able to start getting things back to normal immediately. If you have already a website backup, it could be as easy as clicking restore.
“Why backup?” you might ask. The easy answer is that while you can’t stop hacks, you can very well immediately prevent it from doing more damage. Backing up your website and databases is the first step to keep your Internet safe.
Read Here
Advertise
Sign Up
