Man fined $8,000 for Istana website hack

SINGAPORE - A businessman who was fined $8,000 yesterday for hacking into the Istana website is the first to be convicted of carrying out a cyber attack on a government website here.

Delson Moo Hiang Kng, 43, who runs an IT consultancy firm, admitted to one of three charges of unauthorised access to the server that hosted the Istana webpage in November last year.

On three occasions, starting at 12.34am on Nov 8, he caused the webpage to display a picture of an old woman pointing her middle finger, along with a string of offensive words in Hokkien.

The two other charges were considered during his sentencing.

Moo had carried out a cross site scripting (XSS) attack, a common type of cyber attack. It involved the attacker exploiting a security vulnerability and injecting a malicious script into a Web application.

The aim of Moo's attack was to deface the Web application, Deputy Public Prosecutor (DPP) Suhas Malhotra said yesterday.

Mr Malhotra said Moo learnt about the vulnerability on the Istana website from other Facebook users. His act, however, did not cause any damage to the contents of the Istana Web server.

Pleading for leniency, Moo's lawyer, Anil Balchandani, said his client was remorseful for his actions, which were done not only in a moment of folly, but also with a "sense of adventurism".

Agreeing with the prosecution that a jail term was not necessary, District Judge Liew Thiam Leng took into account the fact that there was no alteration or disruption of the data on the affected website, no "phishing", and no steps taken by Moo to disseminate the hyperlink with the XSS attack.

This article by The Straits Times was published in MyPaper, a free, bilingual newspaper published by Singapore Press Holdings.

Get a copy of The Straits Times or go to straitstimes.com for more stories.