Hacktivists who broke into Syrian government networks and leaked a massive 43GB dump of data online including server passwords have been identified as the Cyber Justice Team. The hack, which took place on 6 April, saw the team conduct a major hack on the governmental server and boasted about the act on Twitter by stating they had an initial 10GB of sensitive data.
However, after decompressing the files that figure now stands at over 43GB, with over 274,000 files from 55 national and private Syrian website domains – half of which were .gov.sy government domains.
The data dump was posted publicly online and contained server passwords along with MySQL host permissions and admin passwords. It appears to be comprised of a number of past breaches as well as new ones, and while most of the domains in the dump thus far appear to be inactive or no longer in use and will be of little concern to Syrians, it is clear the hackers were able to obtain the information by exploiting known and outdated vulnerabilities in the web portals still being used by organisations.
While this easy-to-crack infrastructure seems to be a worrying error on behalf of the Syrian government, cyber security experts Risk Based Security, offers an interesting theory that it may be a honeypot to attract hackers attempting to breach its networks.
The Cyber Justice Team claimed responsibility for the attack as part of its campaign against the Assad regime as well as Isis who it claims are both oppressors of the Syrian people. As a trawl through the hundreds of thousands of leaked files continues it may bring to light more significant data.