Hackers deface Mazda website here

Mazda's local car dealer defended its online security yesterday, after its Singapore website was defaced by a Turkish hacking group.

Ayyildiz Tim wrote a message demanding "freedom for all Muslims" on Eurokars Group's site, www.mazda.com.sg.

It was spotted at 9am yesterday and the site was taken down by 10.30am, before being reinstated 45 minutes later.

A spokesman said the company had made a police report and an investigation was under way.

The website allows car owners to make service appointments by entering their personal details, including name as well as NRIC, car and contact numbers. It is not known if customer details were compromised. A spokesman said: "There is no evidence at present to suggest that customer data has been compromised."

However, security experts said website vulnerabilities could have given hackers unauthorised access.

Daniel Cohen, head of American security firm RSA's Fraud Action Anti-Fraud Services, said a website could be vulnerable if its computer server software is not up to date.

The use of a third-party plug-in like a visitor counter, search tool bar or map - which Mazda's site has - may also introduce weaknesses and allow for this type of attack.

But the design of a website determines how secure customers' sensitive information is, according to United States-based security software firm Fortinet's senior security strategist, Aamir Lakhani.

In August, the hacking group reportedly hacked into Israel's Iron Dome defence system, which is designed to intercept and destroy short-range rockets and artillery shells fired at the country.

Mr Lakhani said it is not clear why the group targeted a Singapore entity. "It is possible it was just trying to attract attention and demonstrate its expertise," he said.

itham@sph.com.sg

Get MyPaper for more stories.