By Peter Stevenson
OFFICIALS at the Internal Audit Service (IAS) have been put on alert after reports emerged yesterday that hackers had managed to gain access to and change the government’s database.
Head of the IT branch of the IAS, Stelios Ioannides told the Cyprus Mail that attacks happen constantly as hackers are always on the lookout for vulnerable spots both in government and private systems.
“Hackers try to take advantage when software and hardware needs to be upgraded or a new patch is released, as vulnerabilities and weaknesses in the system tend to appear then,” he said.
Ioannides said that he was not at liberty to discuss what kind of information had been changed as it was highly confidential but that his department was aware of threats to the government’s systems and was looking at plugging any holes.
“Simulated hacker attacks are carried out on a regular basis so we can be prepared,” he added.
Head of the IAS Andreas Lambrianou told daily Phileleftheros that hackers had been trying for months to gain access to prohibited information by trying to find holes in the system.
Most recently hackers managed to get into the Citizens’ Service Centre’s system and change information. Lambrianou said that the centre’s system had an alarmingly low amount of security and hackers were able to get in and change any information they wanted.
It was reported that personal data was altered allowing people to become eligible for free healthcare and welfare benefits.
Authorities have introduced a number of changes this year to the healthcare system, as part of their obligations to international lenders, including raising hospital fees and introducing disincentives for abusing the overburdened system.
They include new income criteria for beneficiaries and the introduction of hospital fees for doctors visits, the A&E department, for lab tests and for prescriptions.
It is believed that the changes to the Citizens’ Service Centre database were done in protest over the changes, the reports said.
Following a number of incidents, the IAS in cooperation with the centre, began changing the software, putting up firewalls and other security.
“These attacks can be addressed by the IT audit branch which is the only one of its kind throughout the public service,” Lambrianou said.
The unit decided to carry out checks at the centre as it is connected with the ministries of finance, labour, communications, interior and health.