News– The DPR RI YouTube account suddenly broadcasts live streaming of online slot gambling content. Chairman of the Cyber Security Research Institute CISSEReC (Communication & Information System Security Research Center) Pratama Persadha, said this could happen because awareness of management of official government sites or accounts regarding cyber security is still quite low.
Pratama suspects that the DPR’s official YouTube account was taken over by hackers through phishing methods. Moreover, previously, hundreds of government and academic sites had been hacked and infiltrated by online gambling content, indicating that Indonesia had entered an online gambling emergency phase.
It can be seen from the title of the video and the thumbnail inserted by the hacker from YouTube Barış Slot (@Barış-casino). This is because the old videos on the Barış Slot account contain videos of karaoke songs in Vietnamese, so the relevant security authorities have to check them in more detail.
“There is a possibility that the official YouTube account was taken over by hackers through phishing methods,” said Pratama in his official statement, Thursday (7/9/2023).
Usually, hackers will easily hack an account when the email address used to log in is not equipped with a two-factor authentication method and the operator using the email is not careful, so hackers succeed in trapping them with phishing messages sent by them.
In addition, this can be exacerbated by phishing campaigns against YouTube accounts that use malware and can steal the owner’s cookies (files created by the site being opened). Some phishing traps that are often used by hackers are advertising offers, information about account blocking, links containing fake landing pages, and so on.
This often causes sites or social media accounts owned by governments and academics to be infiltrated by online gambling sites by hackers or account control is taken over by them, so that hackers can freely change the content on these sites or social media. In fact, hackers can change account names and important data used to log into accounts or sites.
“As has often been stated before, that the awareness of site managers or official accounts from government and academics regarding cyber security is too low,” said Pratama.
Pratama also appealed to site and social media managers to be aware that hacking patterns are now starting to shift. If previously hackers carried out their actions to gain fame, now hackers carry out their actions for financial reasons because many online bookies employ world hacker experts to secure their online gambling site platforms.
Also Read: The BSSN and the National Police Intervene to Investigate Hacking the DPR RI’s YouTube for Online Gambling
Awareness of the DPR RI’s YouTube Site Manager on Cyber Security
After successfully hacking the victim’s account, the hacker will get the shell account or credential data they got and sell it to operators or online bookies. If the victim’s shell account is an official government website or a popular person with a large number of followers, then the price offered will be higher than a normal account.
“Other things we can do to protect ourselves from our cyber attacks are to always install applications from official sources, such as Google Playstore or IOS AppStore, update operating systems, applications, and other software with the latest security patches,” he explained. .
Then, install and update strong security software, such as antivirus and anti-malware that will alert you to malicious apps or phishing links. Never click on links or open attachments from suspicious emails and messages, especially from unknown sources or containing unusual requests. Therefore, make regular copies of important data and keep these copies in a separate location.
“Avoid visiting suspicious or untrusted websites, especially those containing illegal or dangerous content,” added Pratama.
Additionally, use strong and unique passwords for personal and official online accounts and take advantage of the Two Factor Authentication feature at all times. If necessary, change your password (account password) regularly and do not carelessly connect personal devices to free WiFi access or free charging services.