Inconsistent website maintenance leaves systems vulnerable, public hospitals are prime targets
Authorities are facing a huge challenge as they try to clean up the computer systems of government organisations, after finding millions of links to online gambling websites.
The problem is the worst at public hospitals, most of which outsource website hosting and maintenance. But inconsistent website maintenance across the public service leaves many organisations vulnerable to hacks and other cyber threats.
About 8 million scripts linked to online gambling were found on web pages of organisations under the Ministry of Public Health, according to Dr Anant Kanoksilp, information technology and communications director in the office of the ministry’s permanent secretary.
“Many website developers have retired or were transferred and thus websites were unattended and not updated while hackers are capable,” he said on Thursday.
About 30 million URLs of gambling websites had been uncovered in about 1,000 public-sector websites, said AVM Amorn Chomchoey, secretary-general of the National Cyber Security Agency. Most belonged to the Ministry of Public Health, followed by those of the Ministry of Commerce.
The health ministry was the main target because it had many hospitals that are required by the Public Sector Development Commission to have their own websites.
“Most hospitals, especially small ones, neither develop their own websites nor have their own servers,” said AVM Amorn. “They depend on web hosting. This is their weak point because they cannot upgrade their security.
“Links to gambling websites are being removed. The tasks are 50% complete but the problem will recur.”
A long-term solution, he said, would be to authorise the Digital Government Development Agency (DGA) to manage the websites of the government sector.
The DGA has ready-made and standardised websites for government organisations to use and could manage and monitor their security, he added.