Tuesday, February 11, 2025

Portal within DOE website defaced by hackers

The Government Energy Management Program (GEMP) system portal of the Department of Energy (DOE) was defaced late Saturday afternoon, July 27. The group Deathnote Hackers claimed responsibility for the defacement.

According to the DOE, the GEMP Online System is an online submission platform of vehicles, appliances, and lighting inventories, as well as monthly electricity and fuel consumption.

In its statement on the defaced system portal home page, Deathnote Hackers declared that its exploit was a wake-up call. The hackers raised the alarm that if they — a group with limited means and experience compared to nation-state actors were able to breach the DOE’s systems with ease — what more if Chinese hackers with more sophisticated capabilities and resources decided to target the DOE?

The group pointed out that the DOE’s current security measures are clearly inadequate, and that it was a major issue and vulnerability that needs immediate attention.

The hackers urged the government to rethink and overhaul their security protocols, implement stronger encryption, conduct regular security audits, update their software, and invest in advanced threat detection and response systems because the stakes are too high to remain complacent.

The DOE and its international counterparts are deemed critical national infrastructure and deserve special protection for national security. Consequences are grave for countries should foreign actors compromise the country’s energy systems, observers said.

As of Sunday, July 28, the DOE-GEMP system portal homepage was inaccessible from the Internet.

The DOE has released a media statement that it has taken the system offline and is closely coordinating with the Philippine National Computer Emergency Response Team (NCERT) and the system’s developer to address the possible vulnerabilities of the website.

The agency also stated that it is committed to keeping its systems secure and would continue to upgrade its systems, adding it is also exerting all efforts to restore the webste to full operation at the soonest possible time and implementing strategies to make their systems more resilient.

In a separate statement, Deathnote Hackers declared that they were giving the DOE a second chance and that they had no problem publishing all related data, including trade secrets, on a hacking forum if they find the DOE to be still incompetent after their breach.

Deathnote Hackers previously flagged the Philippine Navy in April to state they had a vulnerability.

Deep Web Konek, a “Philippine-based cybersecurity organization specializing in monitoring, analyzing, and addressing threats from the deep web and dark web” was one of the first groups to alert the public about the DOE breach.

Subscribe

- Advertisement -spot_img

RELEVANT STORIES

spot_img

LATEST

- Advertisement -spot_img