In a reminder of the staggering cybersecurity inadequacies of a country gearing to set up a new national firewall, online hacktivist collective Anonymous has hacked the servers of Thailand’s police department.
Hacked readers will know of Thailand’s military government’s aim to squeeze all internet communication into a single gateway. If you aren’t aware of the master plan, Thailand’s Prime Minister General Prayut Chan-o-cha and his cabinet ordered the country’s National Police Department, the Information and Communication Ministry along with the Justice Ministry to look into the means to set up a single gateway for the internet.
A resolution was passed soon after, mandating the agencies to look into laws that would need to either be enacted or amended, as a means to enforce the single Internet gateway.
To nobody’s surprise, state-run company CAT Telecom was chosen by the Prime Minister as the only authority to control all internet communications through the single gateway in Thailand.
With public backlash from the Thai people along with criticism from around the world, the government’s public stance has since changed. The Prime Minister stated that he hadn’t “ordered’ the agencies to go ahead with the mandate and that he had merely only suggested the endeavor as a study. The backtracking convinced few, least of all the Thai people and hacktivist group Anonymous.
Anonymous targeted telecom company CAT in an operation called Single Gateway. By hacking multiple Thai government websites, Anonymous, and F5CyberArmy, a group of Thai gamers revealed the lowly security measures enforced by CAT Telecom by pseudo-doxing the records of thousands of CAT Telecom customers.
The hacktivist groups did not disclose the plaintext credentials of everyday users but did reveal the lack of cybersecurity controls employed at a company that was tasked to monitor the internet communication flow of an entire country.
In a recent posting on Twitter a month after the operation began, Anonymous confirmed that #OpSingleGateway is still “alive and well,” in the stand taken for freedom of speech and privacy of the Thai people.
— Anonymous (@GroupAnon) November 30, 2015
The new statement by Anonymous noted that governmental plans for the single gateway are still in motion. The group also elaborated on the dangers of having a government watchdog and controller, one that records and monitors all internet activity coming in and within the country.
The statement read:
Anonymous has been watching the conditions that are necessary for an open, tamper-free internet and freedom of speech systematically attacked within the kingdom of Thailand.
Anonymous will not sit idly by and watch another nation construct a Great Firewall, as China has done to keep its citizens from experiencing the competing viewpoints and ideologies that make up free and open discourse online.
The Thai military junta want to centralize and control completely the means with which the Thai people access the internet. This will enable them to monitor, censor or even entirely disable internet communications into and out of Thailand.
Although there have been numerous clarifications, denials, and confusing statements about the prospects of a single internet gateway in Thailand, it is our understanding that these plans are still in motion, still receiving funding, and still very much part of the government agenda.
As a previous statement by Anonymous Asia on behalf of OpSingleGateway stated:
“It is unacceptable that you promote your own people, army executives at the Head of the largest Telecommunication operator: CAT Telecom. Any Corporations or individuals helping to deploy this single gateway will be targeted by any electronic means.
We will not only fight against the single gateway project but will expose your incompetence to the world, where depravity and personal interests prevail.”
If you are a Thai citizen, understand that your data, the records of what websites you access or who you speak with online, and what you say to them is not safe in the possession of your government.
How do we know this?
Because their data is not safe from Anonymous.
Your government wants you to trust their motives in collecting information on your online activities; they want you to trust that they will be able to secure this data and will only use it for lawful means.
They cannot guarantee any of this.
If a single gateway for access to the internet outside of Thailand is created, with the inevitable accompanying databases that will contain details of traffic passing through the gateway, it will get hacked.
Imagine your entire life sitting on a single, poorly secured server. Credit card and banking details, private emails to your husbands and wives, pictures of your children, every website you have ever visited, everything that makes up the most intimate and private parts of your life – all open and waiting for anyone of ill-intent to steal and use however they wish. We are not trying to scare you. We are trying to highlight the risks your government wants to create for you, for your family, for your business. Under the guise of “increased security” and “vigilance,” they will have exposed you in the most dangerous way possible to anyone who has the ability to circumvent their poorly-secured servers.
Ask yourself, is this “security” going to benefit you, or benefit the government that refuses to acknowledge the criticisms and concerns of its citizenry?
Facebook, Google, and Microsoft are being pressured to provide information on critics of the Thai junta, in a struggle between corporations and governments it will always be the average citizens who suffer.
We are with you, we want to show you the risks to your liberty and privacy, please stand with Anonymous and tell your government that this is wrong for the people of Thailand.
To prove our point we are demonstrating the inability of the Thai government to secure even their own police servers, it is pitiful and should worry all of Thailand.
Your police are protecting their files with passwords like 12345; it would be funny if it weren’t so sad.
Anonymous is watching.
True to their word, Anonymous proved the vulnerability of Thailand’s police servers by revealing a dump file (password-protected) consisting of several records.
The effort is to be seen as one to show the Thai people just how susceptible government websites and servers are to a hack and a breach.
The likelihood of a data breach targeting servers containing piles of information is high, as evidenced by breaches that make headlines every day. The likelihood of a breach targeting government websites and servers that could potentially snoop into and control the internet traffic of an entire country of 67 million people – is entirely likely. And it is worrying, for good reason.
With the most recent update, it appears that #OpSingleGateway still has the wind on its sails and will continue to persevere as long as Thailand’s Prime Minister, his cabinet and the Thai government continue to work on the singular gateway to control the internet in Thailand.
Images from Shutterstock.