Cyber Incident Victim: Malaysian Ministry of Education
Date:
Dec 2013
Location:
Malaysia
Summary
Hackers defaced the Malaysian Ministry of Education's website alongside another government portal, replacing content with a "Happy New Year" message and anti-government statements, respectively. The attackers claimed affiliation with Evil Shadow Team, a group previously linked to cyber incidents targeting other entities. Over two dozen commercial websites were simultaneously compromised with similar politically charged defacements. Both government platforms were taken offline following the breaches, and authorities initiated an investigation to assess potential violations under existing computer crime legislation. The incidents disrupted digital services while highlighting coordinated targeting of governmental and private sector web assets.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 1 technique |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
On December 31, 2013, attackers compromised multiple Malaysian websites, including two government domains operated by the Ministry of Education (moe.gov.my) and the Malaysia My Second Home Programme (mm2h.gov.my). The Ministry of Education’s homepage displayed a defacement message reading “At / 2013-2014 Happy New Year!” attributed to a group identifying as Evil Shadow Team. Simultaneously, over two dozen commercial websites were altered to display anti-government content, though specific messages or affected entities beyond the government sites were not detailed in public reports. Both government portals became inaccessible following the breaches, indicating administrators took them offline to contain the incidents. Initial technical assessments suggested unauthorized access to web servers, though forensic details regarding intrusion vectors or data access remained undisclosed.
Malaysian authorities confirmed an investigation into the breaches under the Computer Crimes Act of 1997, which criminalizes unauthorized computer access and data interference. No claims of data exfiltration or secondary attacks beyond defacement were verified. Evil Shadow Team had historical ties to a 2012 breach of the Indian Microsoft Store, but officials did not confirm whether the same subgroup operated against Malaysian targets. The incident disrupted public access to educational and immigration services temporarily, though no long-term operational or financial impacts were quantified in available disclosures. Restoration timelines for the affected websites were not publicly specified following their takedown.