Hackers usually hide behind the cloak of anonymity to do their dirty deeds.
A notorious group of hacktivists even call themselves Anonymous and use a Guy Fawkes mask as their symbol.
Someone who styled himself as "The Messiah" has claimed credit for hacking several websites in Singapore since September.
This person, who also claimed to be linked to Anonymous, is believed to be responsible for defacing websites belonging to The Straits Times, pop singer Ho Yeow Sun and the People's Action Party Community Foundation.
But his attempt at using anonymity to cover his tracks seem to have failed to stop the law from catching up with him.
ARRESTED IN MALAYSIA
Last week, the man suspected of being "The Messiah" behind the hacking incidents was arrested in Malaysia.
James Raj Arokiasamy, a 35-year-old Singaporean, was believed to have been on the run from drug offences in Singapore since 2011.
A police statement on Tuesday said he was arrested in a Kuala Lumpur apartment last Monday and brought back to Singapore.
On Tuesday, James Raj was charged in court with compromising the website of the Ang Mo Kio Town Council website last month.
He also faces three other charges for drug use in 2011, for which he had been on the run from the Central Narcotics Bureau.
The police said it took extensive investigations and enquiries to establish him as a suspect and tracked him down in Malaysia.
"The arrest was made with the close co-operation and support from the Royal Malaysian Police," a spokesman said.
Five men were also charged on Tuesday with vandalism after allegedly spray-painting messages linked to Anonymous.
Others are helping with police investigations into other hacking incidents. (See reports on facing page.) A Ministry of Home Affairs (MHA) spokesman said: "Much effort and resources have been required to track down the persons responsible.
"Such persons only serve to disrupt the lives of other law-abiding citizens and cause unnecessary alarm. We should not allow the actions of a few to affect our sense of safety and security in Singapore."
James Raj is believed to have acted alone in altering the Ang Mo Kio Town Council website by breaking into its content management system (CMS), according to the police, and court documents.
Mr Paul Ducklin, senior security adviser of security software firm Sophos, said the CMS could be used to track a website hacker.
"A CMS is to your website as Microsoft Word is to your documents. It is a user interface, backend database, website creator, etc - exactly what its name suggests," he said.
Mr Ducklin was talking to The New Paper in an e-mail interview from Sydney, where he is based.
He said that a crook might be able to get into the CMS through simple exploits, which grants him the ability to change the website's content.
"The silver lining might be that since a CMS is designed to keep track of changes, such as who edited the file or who uploaded that image, you may be able to track down the perpetrator."
More skilful hackers would access the management interface of the CMS to better cover their tracks, he said.
Manager of Local IT firm SecureITNET Alex Nian said hackers could also hide behind several proxy servers to hamper police investigations.
These are international servers that conceal a user's original location and assign him a new Internet address. Use of multiple proxy servers in various countries can make it difficult to track hackers, making their intrusions virtually anonymous.
To peel away the layers, the authorities can requests Internet Service Providers (ISPs) to share information about a hacker's web trail, Mr Nian said.
"It is a lengthy process that involves a lot of documentation," he added.
The method allegedly used by James Raj to alter the town council website is a top vulnerability for websites, said Trend Micro Singapore country manager David Siah.
He said: "Hackers are counting on the possibility that the website is not coded securely and as we can see, there are still a lot of websites that will benefit from a review."
Get The New Paper for more stories.