Dwarapala

Case Study

Online Gambling Threat Escalates

The rise of illegal online gambling activities in Indonesia has become increasingly alarming, with threat actors injecting websites—especially government and public-facing ones—with advertisements encouraging online gambling.

Recently, a client operating in the government services sector approached us after discovering that several of their websites were compromised and injected with these illicit gambling ads.

What Happened?

A threat actor exploited compromised client credentials found on the internet to gain SSH access to the targeted web servers. Once access was obtained, the actor uploaded gambling campaign ads onto the client’s websites.

How Did Proteksi Siber Global Assist the Client in Resolving the Issue?

The cleanup process was carried out following the standard procedures outlined in NIST SP 800-86. Proteksi Siber Global conducted a thorough examination of the client’s web servers and found that the threat actor had also implanted a script designed to prevent the removal of the injected gambling ads. This script was intended to ensure the persistence of the ads, complicating the remediation process.

What Was the Impact of This Incident on the Client?

The consequences of this breach can be classified into two main areas:

  • Operational Impact –  Since the attack used valid login credentials, the malicious activities went undetected by the client’s IT security team. There is a high likelihood that several servers were compromised during the incident.

  • Reputational Impact – The presence of gambling ads on the client’s websites could give the public the impression that the organization supports illegal online gambling activities, leading to potential reputational damage and a loss of trust, particularly for a government-affiliated entity.

Key Takeaways from the Incident

Following the breach, the client promptly reset all organizational account passwords and conducted a comprehensive review of their access control procedures to prevent future incidents.

Ask about Proteksi Siber Global’s, services,
pricing, implementation, or anything else.

Our team of experts can help secure your
digital assets.