Several Barbados Government Websites Hacked

It appears that several government websites have been hacked. Of interest is the NIS website, which has been the subject of robust discussion in recent days – http://www.bginis.gov.bb/, http://www.lawcourts.gov.bb/, http://www.barbadospolice.gov.bb/images/, http://www.zone-h.org/archive/notifier=Xrapt0r, http://bao.gov.bb/

89 thoughts on “Several Barbados Government Websites Hacked”


  1. Cybercrime is a major problem and it seems like Barbados is not exempt from either a cartel of hacktivists or from lone wolf geeks who have a lot of time on their hands to wreak havoc on the inside of the so-called “FIREWALLS” set up by IT engineers, which clearly fall short of adequate gateway protocols…


  2. It is worrying because filing and paying VAT and Inland Revenue are now being done online.

    Identity theft, credit card theft etc. etc. etc. ……….. oh France


  3. @ David

    Could the issue also be the necessary UPGRADES* that are needed to improve and protect the back-doors of the government key departments infrastructure???

    I know government is USELESS* at allocating taxpayer $$$ but surely SOFTWARE* INFRASTRUCTURE is key to protecting national assets, securing top secret info and guaranteeing that critical information does not get into the wrong hands…

    Maybe this breach of NATIONAL SECURITY* will wake up a few sleeping dogs!!!


  4. Interesting…

    National Security , eh? For a few “secrets” that EVERYBODY knows about? REALLY?

    As the world turns…


  5. @ CH:
    Here are some wonderful opportunities for you to make an important contribution to the local IT landscape. But CH, unless you are showing the stripes of the current boys in power it might be almost impossible for any IT Security Improvement contracts to come your way. In this place the award of contracts is solely dependent on political branding. It is not how competent you are but who you support politically.
    What a waste of talent and technical competence in this little place that can hardly afford this luxury!


    • Note received:

      From: James Bynoe, Senior Vice President for Cyber Security – Brownstone Consulting Firm (Washington D.C).
      As a native of Barbados and international Cyber Security executive, the protection of the Caribbean’s Public and Private Information and Communication Infrastructures is one of the most serious economic and security challenges facing our region.  Our ability to effectively ensure the Confidentiality, Availability and Integrity (CIA) of regional informational technology assets has significant economic and security implications for both the public and private sectors.
      More than ever before a comprehensive regional Caribbean centric approach to Cyber Security is needed which takes into consideration the many technical, management, operational, and cultural nuances of the Caribbean.
      It is important that we as a region start to view ourselves as a “single cyberspace entity” in order to leverage best of breed Caribbean centric cyber security best practices and lessons learned.


  6. … thing is no matter how advanced the technology is there is always the possibility that somebody knows somebody who has the goods on somebody who can supply passwords!!


  7. @James Bynoe: “More than ever before a comprehensive regional Caribbean centric approach to Cyber Security is needed which takes into consideration the many technical, management, operational, and cultural nuances of the Caribbean.”

    The good news is this is happening. ROK and I (and over 20 other people, including representatives from the RBPF) attended five days of “HIPCAR” meetings sponsored by the ITU and hosted by the Telecommunications Unit to review the existing cyber-crime legislation and how it should be modified to be more in alignment with other countries — not just within the Caribbean, but throughout the world.

    Overall, what is already on the books is good, but will hopefully soon be even better.


  8. @ CHRIS

    How do you explain the quantum sums of money spent on “LUXURY” ministerial cars and all the “FLUFF” used as window dressing for elected officials to “SHOW OFF” but moreover, the disgraceful spendthrift attitude of government throwing good “TAXPAYERS” $$$ at DEFUNCT* public works and other projects – yet refuse to “UPGRADE” existing 2003 WINDOWS SERVERS which would offset intrusions into INFO* regarding national security???

    CAN SOME EXPLAIN THIS KINDA’ FOLLY?


  9. @TMB… I do not *know* that the WinBlow servers had not been upgraded; I do not know the vector of the compromise.

    But the fact that the copyright notice on the RBPF web site had not been updated since 2005, for example, suggests it wasn’t getting the regular attention an Internet accessible machine should.

    But it is a truism that very few people think about InfoSec until after they’ve been hacked….


  10. @Chris

    Is it fair to conclude from your last comment that information technology is treated as a low priority matter? If so, how should we view the strategy of the police given the mouthings of Commissioner Dottin and his promise to increase the use of technology as a communications tool?


  11. I have a hole in the tree in my yard where I keep my money

    If I catch anybody near my tree -BOOM -bye -bye in a idiot boy head


  12. @David… As you said to TMB, servers are hacked all the time, including those of high-end security firms (for example, RSA).

    As to your question, all I can say is: talk is cheap; implementation is expensive.

    As an aside, half of the fifth day of the HIPCAR meetings was a closed-door session with five members of the RBPF. I found them to be very technically savvy, and truly able to deal with Cybercrime.

    But, as always, resources and ongoing training are needed for the entire police force in this ever changing new form of crime. Hopefully this experience will put an underline to this requirement; including the need for a formal Cybercrime Unit to be established.


  13. We continue to run ministries with senior civil servants and permanent secretaries who cannot even turn on a computer, and feel very satisfied to walk or send documents or letters to be typed by stenotypists. Do you expect any concern about data security or anything to do with information technology? Furthermore, ALL secrets in ministries are readily available; try dismissing anyone; he or she knows before the discussion is over. We need to put a little sign on our web sites: open to all, no need to hack; that should fix our security problem.


  14. @David: “What should we read into several government websites targeted?”

    Sorry… Realized I’d only answered one of your two questions.

    Two possibilities…

    1. The Barbados IP range was scanned by a “‘bot” which found holes. We only have a few subnets — much smaller than the world’s approximately 2^32 aggregate IP addresses.

    2. Someone decided that it was time to mess with the GoB.

    It would be interesting to know if any non-government, Barbados based Internet services were also compromised (or, at least, probed). This would help differentiate between the above two possibilities.


  15. @Christopher Halsall | October 13, 2011 at 10:07 AM |
    @TMB… Yup, all WinBlows 2003. Probably haven’t been updated in years…

    You speak as if it is expected that all govt IT systems run on 2003. That is NOT SO. It is interesting to note that the NIS, Police and The Court were the ones hacked. This leads me to believe this has nothing to do with easy access to the systems. When I first heard of the depts that were involved, I assumed that somebody was paying top dollar to get rid of some kind of serious evidence and they intended to remove all evidence, whatever the cost. It’s really fishy. But the problem still is that some departments run on 2003, 2007 and 2010. There is no unison.


  16. @David and “chocolate city hussle”…

    I was trying to hold off on this, but you should consider compromised and possibly dangerous all web sites listed below:



  17. And below…



  18. @David: “Why would the Barbados light & Power be on this list?”

    Because their web-site is served from 205.214.221.81.

    The rule (amongst serious InfoSec practitioners) is once a machine has been compromised it can never be trusted again.


  19. @David: “But you stated machine, what machine?”

    The machine (computer/server) that answered HTTP (port 80) TCP requests at IP address 205.214.221.81.

    Much like the machine (computer/server) which answers HTTP requests for bajan.wordpress.com; which is currently at 76.74.254.123.
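
The point made in the two replies above, that every site answering from one IP address shares the fate of that machine, can be checked from PTR-style records. This is an added example, not part of the original thread: it groups hostnames by the address they reverse-map to and reports where sensitive names sit beside unrelated tenants. All hostnames and addresses are constructed (documentation ranges), and the `.gov.example` suffix is an assumption standing in for whatever an operator treats as sensitive.

```python
import ipaddress
from collections import defaultdict

# Constructed records in "dig -x" answer format: owner, TTL, class, type, target.
# Addresses come from documentation ranges; hostnames are placeholders.
SAMPLE_PTR = """\
10.2.0.192.in-addr.arpa. 43200 IN PTR brochure.example.test.
10.2.0.192.in-addr.arpa. 43200 IN PTR www.agency.gov.example.
10.2.0.192.in-addr.arpa. 43200 IN PTR http://www.shop.example.test.
20.100.51.198.in-addr.arpa. 38400 IN PTR intranet.agency.gov.example.
20.100.51.198.in-addr.arpa. 38400 IN PTR portal.agency.gov.example.
this line is not a record
"""


def owner_to_ip(owner):
    """Turn '10.2.0.192.in-addr.arpa.' back into '192.0.2.10'."""
    labels = owner.rstrip(".").lower().split(".")
    if len(labels) != 6 or labels[4:] != ["in-addr", "arpa"]:
        raise ValueError("not an IPv4 reverse-lookup name: %r" % owner)
    # Octets are stored least-significant first; IPv4Address validates them.
    return str(ipaddress.IPv4Address(".".join(reversed(labels[:4]))))


def clean_target(target):
    """Normalise a PTR target; scraped listings sometimes carry a URL prefix."""
    name = target.strip().lower()
    for prefix in ("http://", "https://"):
        if name.startswith(prefix):
            name = name[len(prefix):]
    return name.rstrip("./")


def group_by_ip(text):
    """Map each IP address to the sorted hostnames that reverse-resolve to it."""
    groups = defaultdict(set)
    for line in text.splitlines():
        fields = line.split()
        if len(fields) != 5 or fields[2].upper() != "IN" or fields[3].upper() != "PTR":
            continue  # not a PTR answer line
        try:
            ip = owner_to_ip(fields[0])
        except ValueError:
            continue  # malformed owner name
        groups[ip].add(clean_target(fields[4]))
    return {ip: sorted(names) for ip, names in groups.items()}


def mixed_tenancy(groups, sensitive_suffix):
    """List hosts where sensitive names share a machine with other tenants."""
    report = []
    for ip in sorted(groups):
        sensitive = [n for n in groups[ip] if n.endswith(sensitive_suffix)]
        others = [n for n in groups[ip] if not n.endswith(sensitive_suffix)]
        if sensitive and others:
            report.append((ip, sensitive, others))
    return report


if __name__ == "__main__":
    groups = group_by_ip(SAMPLE_PTR)
    for ip, names in sorted(groups.items()):
        print(ip, "hosts", len(names), "names")
    for ip, sensitive, others in mixed_tenancy(groups, ".gov.example"):
        print("REVIEW", ip, "sensitive:", sensitive, "co-hosted with:", others)
```

A compromise of any one tenant on a flagged address is a reason to review every name in that group.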


  20. To David and Chris:
    I smell a rat here; compromised a lot but throw in the police, the courts and the rss (regional security system). You go figure who benefits from such a compromise.


  21. To Chris:
    That’s why you end up in court or have to retain a lawyer. When “searchers” are seeking information, whether that information is about you the subject or your environment, it is normal to spread the net as wide as possible; hence the intended target or targets are not obvious. Do you know who funds the regional security system? It is a military arm for the Caribbean. As we speak and type they know that we are typing and speaking.


  22. To Chris:
    Innocence is golden on your part; they know that I know; it is not golden on my part, and it could involve lots more than a lawyer.


  23. with all the day to day complexities all we need now is another one to worry about.
    Look at all the above comments by CH! Numerology or what! Who in they right mind want to deal with that crap right now. Talk a language which all can understand not just a few. It is simple. !
    You go Kiki!


  24. @ CHRIS

    Based on your professional experience, do you think that the HACK* was a “denial-of-service (DDoS) attack” as we saw when LULZSEC* took down the CIA website on June 15th on a dare and was referenced as “throwing bricks through other people’s digital windows”…

    Lemuel is smelling a “RAT” but who stands to profit from such a HACK*??? It would be interesting to see the answers on this one!!!

    Is our government sitting on sensitive INFO* that could be beneficial to some outside source or were the government SERVERS* used as backdoors to morph into and penetrate the network security of some other institution or organization?

    Do you remember that hackers were apparently upset by Canadian PM Stephen Harper’s moves to regulate the Internet in Canada – and by his re-election – broke into his party’s servers, planting a bogus story about how he had to be rushed to the hospital after choking on hash browns at breakfast???

    If this story has traction and clearly it does because BU is taking a lead here – should not the government come clean?


  25. To chris:
    With the compromise of the systems here, can any of them be reprogrammed for use by others with out our technical folks having a clue, or would it be best to follow your advice and abandon the vital ones and possibly upgrade.


  26. @TMB: “Based on your professional experience, do you think that the HACK* was a “denial-of-service (DDoS) attack””

    Well, what do you think?

    Since you were still able to access the web sites, does that not suggest that this was ***NOT*** a DDOS?


  27. @lemuel: “With the compromise of the systems here, can any of them be reprogrammed for use by others with out our technical folks having a clue, or would it be best to follow your advice and abandon the vital ones and possibly upgrade.”

    Just wondering lemuel.

    Do you have any idea what you are asking?

    If you do, then please ask a coherent question.


  28. HI CH recently a computer virus attacked the USA military drones and they have had problems trying to resolve it maybe you can send them some quick fix ideas on getting rid of the virus


  29. @ CHRIS

    “I was trying to hold off on this, but you should consider compromised and possibly dangerous all web sites listed below:…”

    This is very interesting!!!

    Based on what you said – once you’ve been compromised – it is difficult again to be fail-safe!!!

    So my question CHRIS* is this: WHY IS CABLE & WIRELESS SO SLACK???

    You referenced [2] standard IP addresses which seems to host a whole group of government and party sites… IS THIS SECURITY VIABILITY? or telecommunication rationing???


  30. To chris and TMB:
    I have to go now, but I hope to check in later after 10 to see what your assessment of this attack is. I believe it is very important that we know.

    To Chris, terrorists would not waste their time, the major ones that is, pulling off anything in Barbados, unless the president or some high level figure was here. They know that the news people would be around. An act of terror reported on CBC would not even get on my TV far less CNN or the BBC, the audience they really want to have. We are of a very low news value. This could be the beginning of economic warfare; we have everything that models developed countries; we could be part of games theorists history.


  31. @ CHRIS

    “Well, what do you think?”

    When the story broke – do we know how much time the government’s network engineers had to do the necessary window dressing?

    Being able to access the government website after the damage was done and subsequently REPAIRED* is the window dressing we’ve come to expect from our government…

    When the INFO* was leaked that there was a HACK* – one assumes that the “dirty deed” had already been perpetrated…


  32. @TMB: “Based on what you said – once you’ve been compromised – it is difficult again to be fail-safe!!!”

    Once a machine has been compromised, it needs to be completely reinstalled from fresh media and then the web sites reinstalled from backups after a security audit of each and every file.

    The reason is it is almost impossible to tell if some back door has been installed; an executable trojaned, etc.

    @TMB: “So my question CHRIS* is this: WHY IS CABLE & WIRELESS SO SLACK???”

    We do not know this was C&W’s fault. It could have been one (or more) of the hosted web sites had a weak Content Management System (CMS) and/or used weak passwords for their Secure SHell (SSH) (or, god forbid, File Transport Protocol (FTP) or Telnet) account(s).

    But once a “cracker” (the preferred term in the industry — a “hacker” is someone who’s particularly good at what they do) has write access to a machine all bets are off.

    It is suspected, for example, that several countries have teams looking for and then using what are known as “zero-day exploits” on various operating systems. This means that privilege escalation can be achieved once code can be uploaded to and then executed on the machine. In the case of a web server, one vector is the code is uploaded into the “CGI-BIN” directory, and then simply accessed from a web browser.

    @TMB: “You referenced [2] standard IP addresses which seems to host a whole group of government and party sites… IS THIS SECURITY VIABILITY? or telecommunication rationing???”

    It is very common to have many sites hosted on one machine / IP address.

    This is fine for “brochure” or “news” sites — those that present information to the public but without holding or processing sensitive information. There is still the risk, however, of the site(s) being compromised and “malware” being placed on the site which the users unknowingly download and execute (in the case of Javascript, Java, ActiveScript et al) or install.

    Any site which processes sensitive information should be on a dedicated server (read: no other web sites hosted thereon). These can be “virtualized” along with other such sites within another server so long as the root host is very strongly locked down, and there is no possibility of “leakage” across the virtualized servers.
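
The reply above calls for reinstalling from fresh media and auditing each and every file before a site goes back up. One way to run that per-file audit, as an added example that is not part of the original thread: hash the restored web root and compare it with a manifest taken from a known-good copy. The file names and contents are constructed, and the manifest is assumed to come from a trusted source such as a pre-incident backup, never from the compromised host itself.

```python
import hashlib
import os
import tempfile


def sha256_file(path):
    """Hash a file in chunks so large files do not need to fit in memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def build_manifest(root):
    """Return {relative path: sha256} for every file under root."""
    manifest = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            manifest[rel] = sha256_file(full)
    return manifest


def audit(root, known_good):
    """Compare a web root with a trusted manifest; every finding needs review."""
    current = build_manifest(root)
    return {
        "added": sorted(set(current) - set(known_good)),
        "missing": sorted(set(known_good) - set(current)),
        "modified": sorted(
            path for path in current
            if path in known_good and current[path] != known_good[path]
        ),
    }


def write(root, rel, data):
    """Helper for the demo: create a file (and parent directories) under root."""
    full = os.path.join(root, *rel.split("/"))
    os.makedirs(os.path.dirname(full), exist_ok=True)
    with open(full, "wb") as handle:
        handle.write(data)


def demo():
    """Build a constructed web root, record it, change it, then audit it."""
    with tempfile.TemporaryDirectory() as root:
        write(root, "index.html", b"<h1>Welcome</h1>")
        write(root, "images/logo.png", b"constructed image bytes")
        write(root, "cgi-bin/contact.cgi", b"#!/bin/sh\necho ok\n")
        known_good = build_manifest(root)  # stands in for the trusted manifest

        # Drift of the kind an audit has to surface (all constructed):
        write(root, "index.html", b"<h1>Changed</h1>")           # altered page
        write(root, "cgi-bin/unknown.cgi", b"#!/bin/sh\n")       # file nobody deployed
        os.remove(os.path.join(root, "images", "logo.png"))      # file that vanished
        return audit(root, known_good)


if __name__ == "__main__":
    for kind, paths in demo().items():
        print(kind, paths)
```

A clean audit covers only the web content; it says nothing about the operating system underneath, which is why the reinstall from fresh media comes first.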


  33. @lemuel: “This could be the beginning of economic warfare; we have everything that models developed countries; we could be part of games theorists history.”

    The majority of Cybercrime *is* motivated by economic advantage. And while Barbados is small, we’re not insignificant.

    Let me please put this out there for consideration — several web servers here in Bim were compromised. We don’t know how deeply.

    Is it not reasonable to assume the possibility that several e-mail servers were compromised as well?

    How many of you use Gnu Privacy Guard to encrypt your e-mail when sending sensitive information?

    Perhaps we should hold a “BU Key Signing Party”?


  34. chris
    as you know everything about everything
    what about cloud computing technology is that safe
    what about suing the government in a class action for not protecting and securing confidential / personal data
    is there better things to do on a friday night


  35. @kiki: “chris as you know everything about everything
    what about cloud computing technology is that safe”

    I don’t know everything about everything. I can’t dance nor sing, for example. But I know a lot about ICT.

    But to your question, no, “cloud computing technology” is not intrinsically safe. Quite the opposite, in fact.

    When you “go to the cloud” (a Micro$oft phrase coined in a pathetic attempt to distract from Goggle) you entrust your data to the integrity of those who run the “cloud” you happen to be using.

    @kiki: “what about suing the government in a class action for not protecting and securing confidential / personal data”

    Worth a try. Who will lead?

    And, more importantly, what is hoped to be achieved by such an action?


  36. Worth a try. Who will lead?

    I delegate the BU posse, I think Hants is a lawyer
    victims of breaches of data protection s/b compensated


  37. ^CH

    by freedom of information requests to government agencies
    queries about personal data held on government files
    data access issues
    data protection

    make some complaints etc


  38. ^CH
    its a shortlist of points

    if governments screw up handling confidential data or implementing poor security they are held accountable
    – if that is the case


  39. Could it be the Chinese Government? They have been suggested to be implicated in previous hacking attempts.
    If so, should we expect another attack soon?
    After all, you normally have a Chinese, then 2 hours later, you want another one.


  40. The Chinese Gov’t or its agents have been known to infiltrate the websites of Western Gov’ts or Corporations in search of military or industrial secrets (curiously we don’t hear when Western Agencies tap into Chinese Gov’t websites) so to tap into Barbados Gov’t websites would be like taking candy from a baby ( flawed analogy a baby would fight back). Most Gov’ts don’t like to admit it because they want the public to know that their websites have been compromised but the news leaks out anyway.

    I don’t know why the Chinese would want to hack into Barbados Gov’t websites all they have to do is read BU for any Gov’t secret.

    @St. George etc. how did you manage to mangle that joke?

    In keeping with providing the community with the highest level of entertainment here is an old Chinese joke compliments of Lord Blaikie


  41. @Sargeant: “The Chinese Gov’t or its agents have been known to infiltrate the websites of Western Gov’ts or Corporations in search of military or industrial secrets (curiously we don’t hear when Western Agencies tap into Chinese Gov’t websites).”

    Are you familiar with ECHELON?

    This is simply the next step; where everyone willing to invest some talent can play.


  42. The issue raised here was one of my biggest concerns when I first heard about the Free Wifi Initiative being promoted in Barbados. Not that I am saying that they are directly linked and that Free Wifi is a bad thing. But my concern is that by providing an “island wide” free public access to Internet, persons can maliciously inflict harm and launch attacks with greater anonymity and less fear of prosecution. The hospitality clients that I have deployed free guest wifi for implement a user acknowledgement and account generation to ensure each user is accountable for their actions on the network. The MPAA and the like track down the biggest offenders of piracy by tracing the IP address they used to download the content, then contact the ISP to enforce bans or punishments on their subscribers. I can see some good war driving occurring.


  43. How long does it take to restore a website? Will it be a week or two? Maybe a month or more. Just shows that we are not ready to compete in the world.


  44. @anthony

    A solid point.

    Can anyone advise what is the status of governments ecommerce strategy? Government’s Portal seems to be mainly informational. Could it be we have Permanent Secretaries who are dinosaurs?


  45. @anthony: “How long does it take to restore a website? Will it be a week or two? Maybe a month or more. Just shows that we are not ready to compete in the world.”

    It might be a function of when the web-site’s owners are comfortable with the hosting server. If it hasn’t been “reinstalled”, it should not be trusted.

    Alternatively, it might be when the web-site’s owners find alternative hosting arrangements.

    Personally, I spend BDS $20 a month for virtual serving of an unlimited number of sites on a shared server with unlimited bandwidth per month, and BDS $110 a month for a dedicated co-located server which only I have control of which has 2 TB of bandwidth per month.

    But, to put on the table, those sites which are not back on-line might be doing the correct thing.


  46. Recently Sony Online was hacked and was down for three months, so all this talk about competing with the world is nonsense. They have the best cyber security experts in the world at their disposal… it isn’t a matter of only getting the site back up, but investigating the attack and plugging the security hole.


  48. Sony Online is not a website; it is a portal. The comparison is little at best since they need to rebuild the whole portal from the ground up. As for best cyber security, that is not true; many other people kept telling them their servers were open but Sony ignored them.

