Tuesday, May 21, 2013

Think Twice, Hack Once - An important lesson to be learnt in regards to the South Africa Police Service (SAPS)website hack

Today I read a pretty disturbing exclusive news article on the ENCA, an independent and reliable news source website.

A hacker who calls himself, "@DomainerAnon" on Twitter hacked the South African Police Service website and it looked like he dumped the contact details of many people who used the website. Both police officers' and innocent whistleblowers' personal information was leaked. Apparently @DomainerAnon is really upset with our South African Police Service because of the Marikana incident..

According to the ENCA website:
"In so doing, the identities of nearly 16,000 South Africans, who lodged a complaint with police on their website, provided tip-offs or reported crimes, are now publicly available".
I contacted @DomainerAnon and asked him why he released the sensitive information of innocent whistleblowers in the course of his hacktivism. Apparently his hacktivist anger is directed at our corrupt government and the inequality still existing in a rich country like South Africa.

To be honest, I agree with him. We do have a corrupt government that is impacting our ability to deal with the social and financial inequality caused by Apartheid.

What I don't agree is his method. If he really wanted to help us he would actually be going after the corrupt politicians. It's not like we lack content. You really want to help South Africa? Expose the corruption.

I did ask why  @DomainerAnon was risking the lives of innocent whistleblowers to prove a point and he seemed to think that he had not released whistleblower information. I think in his mind he thought he was just "sticking it to the corrupt South African government"  by releasing police officer information.

However according the reliable media source ECNA:
"However, eNCA.com was able to download the list posted online in less than five minutes and spoke to some of the people who had logged concerns on the SAPS website. After informing Setati of this, his response was: “The SAPS would like to reserve its comment on the matter at the moment."
Complaints range from rape cases opened in Durban to police brutality in Port Elizabeth. Also on the list are ordinary South Africans asking for help in cases involving vehicle theft and illegal shebeens. People have also complimented police on their work, including speedy responses to emergencies and help in cases."
So it appears @DomainerAnon was wrong. He has inadvertently exposed the personal information of innocent whistleblowers. With one mistake, he managed to piss off just about every South African who is not a corrupt criminal.

After going through the data dump I can personally confirm that @DomainerAnon has released the personal information of many whistleblowers. These people are the most vulnerable in our society. They are rape victims, people reporting drug lords, people reporting corrupt police and victims of domestic violence. This is a pretty shocking release.

There is that old saying. "With great power comes great responsibility". When you become irresponsible with that power and start costing lives, how different are you from American drone strikes and their collateral damage?

I really hope one day to see a skilled hacker expose the corruption in my (and all) government. That's worthy of the respect of the South African people... but this hack. Is not worthy of respect.

EDIT: 22/5/2013: There is a follow on to this story where the South African Police Service misrepresent the truth about the whistleblower leak

1 comment: