A hacker is reported to have targeted at least 20 South African Web sites last week, 14 of the attacks occurring in a single day. This is according to Internet law firm Buys Attorneys, which routinely tracks the behaviour of hackers.
Reinhardt Buys of Buys Attorneys says last week saw a sharp increase in the number of hacker attacks on local Web sites. "During the past week, a hacker who refers to himself only as ‘r00t3rs' hacked into more than 20 sites."
Buys says the hacker defaced 14 sites on 16 October, making it the worst hacking attack in SA's history. He says the hacker appeared to have focused on sites operating on Windows NT and bearing a .co.za domain name. "The hacker defaced the sites simply by deleting pages and replacing them with a blank page featuring his, or her, name. The successful attacks occurred in the early hours of Tuesday morning.
"Since we started monitoring hackers that target South African sites in 2000, we never saw one hacker deface so many local sites in one day," says Buys.
The Web sites successfully hacked by this hacker were: www.mytimesheet.co.za, www.betaconsulting.co.za, www.sunshinecompany.co.za, www.mobilcell.co.za, www.iciniso.co.za, www.hbt.co.za, www.ggates.co.za, www.futurefin.co.za, www.fomi.co.za and www.ek.co.za.
Three hackers defaced six other local Web sites last week. A hacker called "ATH" defaced www.audiospectrum.co.za and www.voigtlab.co.za. "Suicide Pig" defaced Maserati's South African Web site. The Grey College Web site was hacked by a group called "Fatal Error". Visitors to the Audiopectrum site saw a dragon and cryptic message from the hacker: "Special greetz to: Nikom 13 - Rage Against".
Spiritual World's Web site at www.spiritualworld.co.za was hacked on the same day by "ATH", who even placed a contact e-mail address of the defaced site. The e-mail address indicates a Brazilian e-mail account.
"Until a few months ago hacking was basically legal in SA as no law addressed it. If the police succeeded in arresting a suspected hacker, prosecutors had to rely on common law crimes such as housebreaking or malicious damage to property. It was very difficult to obtain the necessary evidence to prosecute hackers successfully. In some cases, however, a hacker may be liable for copyright infringement because he or she adapts or destroys another person's content without the necessary permission.
"However, in terms of section 86 of the new Electronic Communications and Transactions [ECT] Act, hacking is now a statutory offence in SA. The crime is defined as the intentional access to, modification or destruction of data without any authority to do so. The crime carries a fine or a prison sentence of between one and five years."
Buys says this section is basically useless if the hacker operates from another country as the law applies only if the hacker commits the offence in SA. If a Brazilian hacker hacks into local Web sites and the South African police succeed in tracing down such a hacker, the SA government will have to ask the host country to extradite the hacker.
“The hacking law also applies to any South African citizen or permanent resident, notwithstanding the fact that such a person is not in SA and hacks into non-South African Web sites. An interesting clause in the law states that the hacking law also applies to people on ships or aircraft coming to or leaving SA, should the hacking take place from such a ship or aircraft."
There has not been criminal prosecution of a hacker in SA in terms of the new ECT Act and it is still uncertain what kind of evidence will be necessary to secure a conviction.