(Credit: AFP / Illustration)
BEIRUT — Cybersecurity breaches in Lebanon's government entities have multiplied in the last couple of weeks, and more "hacking attacks" should be expected in the future due to the low level of protection of official websites, cybersecurity expert Majd Dhainy told L'Orient Today on Monday.
Earlier during the day, the Social Affairs Ministry website was hacked, following an attempted hacking of Lebanon’s Parliament website on Sunday, and the hacking of Beirut International Airport’s internal systems earlier in January.
A spokesperson at the Social Affairs Ministry told L'Orient Today on Monday that the website of the ministry was hacked in the early hours of Monday morning. "Efforts are underway to resolve this issue; however, the website does not contain any personal information about the beneficiaries of the ministry's programs," the spokesperson assured.
Lebanon’s Parliament website was also the target of a cyber-hack from an unknown origin, the Chamber's press office announced on Sunday.
Lebanon's Parliament website as seen from Google with the sentence "Hackd by R00TK1T." (Screenshot by L'Orient Today)
"Following a hacking attempt suffered by the Parliament website, the technical team responsible for the administration and protection of the site has frozen it and is working to resolve this incident," the press office wrote in a brief statement. A spokesperson at the Parliament refused to comment further to L’Orient Today, insisting that the issue "had been resolved.
Cybersecurity expert Roland Abi Najem explained to L’Orient Today that the hacking at Beirut International Airport is very different from the ones at the Parliament and the Ministry of Social Affairs.
“The airport has an internal system, and for it to be hacked, there needs to be someone from the inside at the airport assisting the hackers and giving them access to the internal system, whereas the Ministry and the Parliament websites are low-security, public websites that can be hacked easily,” Abi Najem explained.
Imad Elhajj, a professor of computer engineering at the American University of Beirut (AUB) and a cybersecurity specialist, said, the day after the airport cyberattack that it could have started with a phishing attack, and it does not necessarily mean it was an inside job.
Phishing attacks, often delivered via email spam, attempt to trick individuals into giving away sensitive information or login credentials.
The airport attack initially caused the baggage carousels to malfunction. A message criticizing Hezbollah was displayed on the screens usually showing flight details. A source at Middle East Airlines (MEA), the national airline, indicated that the Flight Information Display System (FIDS) network, which displays flight information inside the airport, was hacked, as had the BHS system for baggage inspection.
Abi Najem said, however, that the hacking of governmental websites does not necessarily mean that Lebanon is targeted specifically.
“Such hacking attempts have taken place before, the most recent being in Qatar, but it has also taken place in France, among many other countries,” Abi Najem said.
“A hacker with mediocre know-how skills can hack websites, and it can be solely for an attempt to show off among the hacker community that they are able to take down governmental websites since the technicalities are easy and the websites are public and don’t have sensitive information,” Abi Najem said.
However, Abi Najem noted that the increase in hacking incidents in the country could be used by the state to “blame alleged hackers if sensitive and important documents go missing in the government, and this is how the political game might unfold in this case.”
In Lebanon’s case, it is possible that Israel could be behind the attacks.
According to Dhainy, on Telegram, the group R00TK1T, which took credit for the hacks of the Parliament and Social Affairs Ministry websites, regularly affirmed that it “stands with Israel."
“Abusing security bugs present in the websites of organizations or governments is one of the ways that aids hackers in their attacks,” Dhainy told L'Orient Today, noting that governmental websites in Lebanon have low-security precautions.
According to Dhainy, “We should expect to see many more hacking attacks in the coming few weeks as Lebanon, due to the low cybersecurity of its entities, is an easy victim for such attempts.”
A source at the Internal Security Forces told L’Orient Today that the cybercrimes department has been assigned to investigate the recent attacks “but we have no findings yet as the investigation is still ongoing.”