Hackers working for online gambling platforms have hijacked the webpages of many Thai government agencies and turned them into portals for illegal gaming sites.

Websites of state agencies under all 20 ministries have been infiltrated by the hackers, said Digital Economy and Society Minister Chaiwut Thanakamanusorn. More than 30 million URLs of state-agency websites were found to have been corrupted, he said last Friday (Feb 17).

The hackers managed to plant malicious scripts that linked to online gambling websites, the minister explained. The script, which contains keywords for online gambling and links to gaming platforms, caused state agency webpages hijacked by online gambling websites to appear among the top Google search results.

115 websites targeted by gang

In late November, police raided a house in Bangkok’s Bang Khun Thian district and arrested 15 people suspected of hacking government websites to plant links to an online gambling platform they were working for. After examining computers used by the suspects, police found that they had infiltrated over 115 state agency websites.

Despite the recent police crackdown, Google search results in mid-February for “gambling” (either the English or Thai word) together with “.go.th” still showed links to gambling websites with addresses of Thai state agencies. (Official website addresses of Thai government agencies often end with “.go.th”.)

This is not surprising given that government web pages were found to contain many millions of links to online gambling platforms.

Recent Google searches showed results with compromised URLs involving several Thai state agencies. These included the Department of Mental Health (dmh.go.th), National Institute for Emergency Medicine (niems.go.th), Office of the Education Council (onec.go.th), Thai Industrial Standards Institute (tcps.tisi.go.th), Department of Empowerment of Persons with Disabilities (dep.go.th), Food and Drug Administration (fda.moph.go.th), Office of the Basic Education Commission (obec.go.th), Cooperative Auditing Department (cad.go.th), Central Institute of Forensic Science (cifs.go.th), Satun Province (satun.go.th), and many local administrative organizations.

Experts explained that online gambling gangs target official government websites in order to bypass a Google mechanism that blocks search results of gambling websites.

Public hospitals worst affected

They said many state agencies outsource the construction and hosting of their websites, as well as maintenance. However, inconsistent website maintenance leaves many organizations vulnerable to hacking and other cyber threats.

In December, the National Cyber Security Agency (NCSA) discovered that as many as 26 million webpages of Thai state agencies were compromised by online gambling hackers.

Public hospitals are among the worst affected by the problem. Script linked to online gambling was found on some 8 million webpages of agencies under the Ministry of Public Health, according to Dr Anant Kanoksilp, information technology and communications director at the office of the ministry’s permanent secretary.

“Many website developers have retired or were transferred, so websites were left unattended and not updated,” he said recently.

Dr Anant explained that even after malicious links are removed from the affected webpages, hackers can plant new links if agencies involved fail to update their software and servers with improved security.

Outdated technologies to blame

IT expert Teerak Boonprecha said that over 80% of Thai state agencies’ websites were created 10-15 years ago with technology that is now outdated and lacks security features against cyber threats.

He said those agencies hired outside website builders and had no experts to maintain their sites, making their systems vulnerable to hacking attacks.

Hackers working for online gambling platforms breach computer servers of compromised webpages before planting links that lead to their gaming sites, he explained.

“These gambling websites have their servers overseas, but they are looking for gamblers from Thailand. They want Thai gamblers to find links to their sites when doing Google searches. But they can’t have their servers in Thailand as their websites will risk getting blocked. So, they opt to plant their links on Thai state agency websites, which is a safer choice with no risk of getting blocked,” Teerak said.

The IT expert said the hackers working for online gambling gangs quietly embed their links on targeted websites, preferably in deep folders of the system.

Solutions to the problem

He suggested that state agencies hire experts to maintain their websites and find tools to scan for alien content. Also, their website software must be regularly updated, and they need to restrict access to their servers and require verification for server access.

However, the problem is that most hospitals, particularly small ones, neither develop their own websites nor have their own servers, according to the NCSA’s secretary-general, AVM Amorn Chomchoey. He said they depend on web hosting, which exposes their weak point because they cannot upgrade their security.

Amorn said a long-term solution would be to allow the Digital Government Development Agency (DGA) to manage government websites. He said the DGA has ready-made and standardized websites for government organizations to use and could manage and monitor their security.

Source: Thai Public Broadcasting Service