MANILA – The website of the Civil Aviation Authority of the Philippines (CAAP) fell to a cyber attack on Wednesday.
As of this posting, the CAAP website was down and only Chinese ads can be seen on its home page.
Tech journalist Art Samaniego said the defacement happened past 1 p.m. Tuesday.
Authorities have yet to issue a statement on the incident.
Analysis done by the Nullforge website said the CAAP website had several vulnerabilities including:
– Outdated Joomla CMS v3.6.5 – http://www.caap.gov.ph/administrator/manifests/files/joomla.xml current stable version is v3.8 – (lack or the absence of patch management)
– There is a known zero-day exploit for Joomla CMS v3.6.5 circulating in the wild.
– There were several security violations that was spotted on the CAAP website that can been seen by any security searchers or skilled attackers. (Lack or the absence of vulnerability assessment and penetration testing)
Several government websites have fallen to cyber attacks in recent years.
A month before the 2016 national elections, hackers defaced the Comelec website and leaked the personal information of some 54 million voters.