Awuku Dela

F515/4 Nyaniba Estates Osu, Accra Ghana

Kokrokoo is a site designed for everyone looking for a bit of something.  It is geared towards to geek, traveller, events in Ghana, Photography and advice in general; to mention a few.

Ghana’s Ministry of Justice and Attorney-General Website Hacked by @Hpa_Argentina

I original created a post regarding this on Ghana Community. I am creating a post here so that I can actually dissect this whole incidence properly and throughly.

The official website of Ministry of Justice & Attorney-General Ghana (http://mojag.gov.gh/) was hacked yesterday by @Hpa_Argentina. The hacker called itself citizen of Argentina with special skills.
The hacker left a deface page along with a deface message against the government of Ghana for refusing the release of an Argentinean Navy ship-the Frigate Libertad it impounded a few months ago.

The hacker warned Ghana and threatened to if ship is not released, the hackers of Argentina will unleash hell on them. They will attack all the government websites of Ghana, their banks, stock exchange, all the oil companies and gold,” the hackers said in a statement displayed on the hacked site of the Justice Ministry.
According to the the deface message:

Ministry of IN-Justice HACKED!!!

Dear People of Ghana, 
Your Government have illegally seized our Libertad frigate, a School ship belonging to the Argentine Navy. Your Government is violating the Vienna Convention by failing to ensure the immunity of a Navy ship as the frigate Libertad. 
This School ship have a very special meaning for our people. Help us to get back our Libertad frigate! We ask you as brothers.
Government of Ghana, 
We are a citizens of Argentina, citizens with a very particular set of skills; skills that make us a nightmare for you. 
This is a warning. If you refuse to release our Libertad Frigate in three days, we will unleash HELL on you. We will attack all your government websites, all your banks, your stock exchange, all your gold and oil companies, your energy and water companies, we will publish on Internet all your personal banking records, the ones in your country and the ones abroad, and more! 
Your country will spend millions in loses, is not necessary, you just have to enforce international law. Three days…
@hpa_argentina – Hackers Patrióticos de Argentina

The Twitter account of @Hpa_Argentina hacker was suspended after announcing the hack yesterday.
At the time of writing this article, the website was restored and working online.
Please note....as at the time of making this post,
Website for Ministry Of Justice is still down
Source: www.hackread.com

 So, I went over to Ghanaweb to see what news they had anything on the interesting piece of news. This is what I pulled from their site

From Ghanaweb: 
Government says stringent measures have been put in place to fight all forms of cyber threats to ensure the safety of public agencies and business owners in the country.Speaking to a private radio station in Accra on Tuesday, the National Security Coordinator, Lieutenant Colonel Larry Gbevlo-Lartey was emphatic that the State has the capacity to deal with possible threats from all quarters.
Col. Gbevelo-Lartey’s assurance follows the hacking of the official Ministry of Justice website by a group of Argentines demanding the release of the 'Libertad Frigate,a ship belonging to the Argentine Navy within three days.
He revealed that plans were afoot at taking steps to prevent further attacks on government agencies, stressing “… the gentlemen concerned with this are meeting and they are looking at mobilizing our emergency response team to look at the threat that was placed on the website “Everything in this country is going to be done according to the rule of law and so that is one line of action that we would have to look at. This world is full of metric warfare and it’s not just about guns and bullets so this should not surprise anybody."If a group of persons in Argentina who feel aggrieved by this and use this kind of means to attack us... and if this is what the gentlemen want to do, then we will mobilize our capacity and we will counter what they are doing,” the security chief asserted.

After reading, I had the below comments to make

Certainly the wrong choice of words here. 
Any why is he looking at mobilizing an emergency response team....surely this is the responsibly of Network Admins...CIO's and the likes?
Also, what the dickens is METRIC WARFARE?

So I decided to d a little digging myself. Please not that I am not a security expert, so your comments are welcome ref any corrections you have.

I took a leisurely trip to the website for the Ministry Of justice and Attorney General. At the time I went there [4 days ago] the site was down. And it is still down. There are so many questions when asked will certainly go unanswered.

So as a starting point, I decided to ping the website:

Pinging www.mojag.gov.gh [184.106.55.49] with 32 bytes of data:
Reply from 184.106.55.49: bytes=32 time=156ms TTL=42
Reply from 184.106.55.49: bytes=32 time=113ms TTL=42
Reply from 184.106.55.49: bytes=32 time=114ms TTL=42
Reply from 184.106.55.49: bytes=32 time=128ms TTL=42

Ping statistics for 184.106.55.49:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 113ms, Maximum = 156ms, Average = 127ms

OK…the next thing I decided on was to find where this website was being hosted.
I did a "whois" search based on the IP address and website address.

Site is being hosted on Apache 2.2

Server Data

Server Type: Apache/2.2

IP Address: 184.106.55.49
ASN: AS19994

IP Location: Texas - San Antonio - Rackspace Hosting

Response Code: 200

Domain Status: Registered And Active Website

Hmm Apache 2.2!

I can swear that the latest version [with patches and updates] is 2.4
My question is...why host this site in the USA?

Further updates to follow…….