Businessman fined $8K for 'hacking' Istana website

Businessman fined $8K for 'hacking' Istana website
Delson Moo Hiang Kng, an IT consultancy firm operator, was fined $8,000 for hacking into the Istana website

Delson Moo Hiang Kng, 43, became the first person here to be convicted of carrying out a cross site scripting (XSS) attack - one of the most common types of cyber attacks.

Get the full story from The Straits Times.

Businessman admits to Istana and PMO website intrusions

Lim Yan Liang
The Straits Times
Sunday, Nov 17, 2013

SINGAPORE - The businessman questioned by police over the hacking of the Istana's website last week admitted yesterday that he had committed the cyber intrusion in a moment of folly.

He also admitted that he had earlier intruded into the Prime Minister's Office (PMO) website as well.

"It was purely a stupid mistake," Mr Delson Moo told The Straits Times. "My hand was itchy and... I got myself into trouble."

The 42-year-old had declined to be interviewed when he was first approached on Wednesday. But he agreed to speak when contacted again on Thursday night.

This after The Straits Times reported on Thursday that he was one of two men assisting police with ongoing investigations into the Istana incident. The other is 17-year-old student Melvin Teo.

Both of them knew each other through Facebook but have never met in person, said Mr Moo.

The case against them came to light after James Raj Arokiasamy, the man who allegedly uses "The Messiah" moniker, was charged in court on Tuesday for the cyber attack on the Ang Mo Kio Town Council's website on Oct 28.

Police have said the PMO and Istana incidents are not connected to the case against James Raj.

Mr Moo said he was surfing the Web last Friday morning when he stumbled on a post that claimed the PMO website had been hacked. Attached was a line of computer code that he believed could modify a website's content.

As his own websites had been hacked before - records showed that he is a director of two IT- related firms and an online store - Mr Moo claimed he tried the code-string on the search boxes of his three websites to "test for vulnerabilities" but found none.

The father of a young boy said he then tried the same code on the PMO site and it worked, displaying some text and an image.

After that, Mr Moo said he modified the code to have the Istana website display a picture of an old woman pointing her middle finger, along with a string of offensive words in Hokkien.

He then took a screen capture of what had appeared on the Istana's webpage and posted it on his own Facebook account with the words "Istana also kena", meaning the site had been also compromised.

Mr Moo said he thought nothing more of the matter, until the police came knocking on the door of his home on Sunday evening. Officers seized two of his laptops, one of which was returned after he gave his statement the next day.

Seeking to explain his actions, he said: "We have to understand one thing: I did not exploit the vulnerability, I tested the vulnerability."

More about

istana Hacking
Purchase this article for republication.



Your daily good stuff - AsiaOne stories delivered straight to your inbox
By signing up, you agree to our Privacy policy and Terms and Conditions.