Hacked Royal Navy site sinks

The Royal Navy website goes down after a hacker claims to breach site security and reveal usernames and passwords.

Navy

UPDATED The Royal Navy website is currently down after a hacker claimed to have successfully exploited the site and its underlying database.

An attacker going under the web pseudonym TinKode stated in a blog to have compromised the website with an SQL injection attack this weekend.

TinKode claimed to have accessed both usernames and passwords to different sections of the website, although the Royal Navy has refuted the suggestion any classified information was taken.

Advertisement - Article continues below

The Royal Navy admitted the site was compromised, but said no "malicious damage" was caused.

The website has been suspended as a precaution while security teams investigated, a spokesperson added.

Visitors to www.royalnavy.mod.uk today were greeted by a message reading: "Unfortunately, the Royal Navy website is currently undergoing essential maintenance. Please visit again soon."

TinKode received praise on his blog for his efforts, with one post reading: "TinKode doesn't need sophisticated weapons to disarm an army. He just need a PC."

Another, going by the name Sirarcane, said: "Nice dude, really nice. Good job."

The news comes not long after the Government ranked cyber defence as one of the most important areas of national security, placing it alongside international terrorism and military crises.

The Coalition also recently announced an extra 500 million funding for cyber defence, along with 900 million to go on targeting tax evaders and fraud with better use of technology.

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

Jason Hart, senior vice president in Europe for two-factor authenticaton provider CRYPTOCard, said the hack had wider implications for the security sphere.

"The fact that a high profile military website can be targeted shows the underlining issues facing organisations and the threat of cyber crime," Hart told IT PRO.

"Fundamentally this shows that the basic forms of attack can still be executed successfully on very secure sites through the simple tools to obtain the username and password."

Graham Cluley, senior technology consultant for Sophos, labelled the hack "embarrassing."

"If someone with more malice in mind had hacked the site they could have used it to post malicious links on the Navy's JackSpeak blog, or embedded a Trojan horse into the site's main page," Cluley said in a blog.

"It is to be hoped that the extent of this attack will be egg on the face of the Ministry of Defence, rather than a more significant assault on a website presenting the public face of an important part of the armed forces."

Featured Resources

Top 5 challenges of migrating applications to the cloud

Explore how VMware Cloud on AWS helps to address common cloud migration challenges

Download now

3 reasons why now is the time to rethink your network

Changing requirements call for new solutions

Download now

All-flash buyer’s guide

Tips for evaluating Solid-State Arrays

Download now

Enabling enterprise machine and deep learning with intelligent storage

The power of AI can only be realised through efficient and performant delivery of data

Download now
Advertisement

Recommended

Visit/security/355013/10-quick-tips-to-identifying-phishing-emails
Security

10 quick tips to identifying phishing emails

16 Mar 2020
Visit/business-strategy/mergers-and-acquisitions/354941/panda-security-to-be-acquired-by-watchguard
mergers and acquisitions

Panda Security to be acquired by WatchGuard

9 Mar 2020
Visit/security/internet-security/354417/avast-and-avg-extensions-pulled-from-chrome
internet security

Avast and AVG extensions pulled from Chrome

19 Dec 2019
Visit/security/354156/google-confirms-android-cameras-can-be-hijacked-to-spy-on-you
Security

Google confirms Android cameras can be hijacked to spy on you

20 Nov 2019

Most Popular

Visit/software/video-conferencing/355138/zoom-beaming-ios-user-data-to-facebook-for-targeted-ads
video conferencing

Zoom beams iOS user data to Facebook for targeted ads

27 Mar 2020
Visit/infrastructure/server-storage/355118/hpe-warns-of-critical-bug-that-destroys-ssds-after-40000-hours
Server & storage

HPE warns of 'critical' bug that destroys SSDs after 40,000 hours

26 Mar 2020
Visit/software/355113/companies-offering-free-software-to-fight-covid-19
Software

These are the companies offering free software during the coronavirus crisis

25 Mar 2020
Visit/mobile/mobile-phones/355088/apple-lifts-iphone-purchase-restrictions
Mobile Phones

Apple lifts iPhone purchase restrictions

23 Mar 2020