Internet pranksters have brought down the Royal Navy’s website, causing embarrassment for the Ministry of Defence just weeks after the government stressed the importance of protecting the nation from cyber attacks.
The Navy’s news and information site was rendered useless for more than two days, but no military secrets were stolen, the Navy said. A holding page was put up in its place promising the site will be back online “soon”.
“We can confirm that there was a compromise of the Royal Navy public-relations internet website over the weekend,” it said in a statement.
“There has been no malicious damage; but as a precaution, the RN website has been temporarily suspended. Security teams are investigating. Access to this website did not give the hacker access to any classified information.”
Researchers said that a Romanian hacker calling themselves Tinkode, who has previously challenged the security of the Nasa and US Army websites, was claiming responsibility for the attack.
“We can all be thankful that Tinkode’s activities appear to be have been more mischievous than dangerous,” said Graham Cluley, senior technology consultant at Sophos, a security software provider.
Tinkode apparently found a vulnerability in the software running the Royal Navy’s discussion boards. Usernames and passwords of some contributors to the site were posted online.
Last month, the government said in its Strategic Defence Review that cyberwarfare was “one of the highest priority national security risks”, after the director of GCHQ, Iain Lobban, warned of a “real and credible” threat to national infrastructure from online attackers.
The vulnerability of the electricity grid and other critical services was demonstrated earlier this year by the discovery of the Stuxnet computer worm, which some researchers suggest could have been created by governmental agents.
The Royal Navy’s online difficulties follow last month’s embarrassment when a nuclear submarine ran aground off the Scottish coast.