On March 14, Argentina’s Official Gazette suffered a hack with false Coronavirus resolutions displayed, reported El Cronista. The Official Gazette uses a blockchain system, which is known to be challenging to hack.
The false publications included resolutions relating to state employees that have confirmed or suspected virus infections and public servants working from home. Argentina has confirmed 128 Coronavirus cases at the time of writing and has announced mandatory quarantine in the country.
A government gazette publishes public or legal notices in some ways like a newspaper of the government administration. In Argentina, the digital version of the Official Gazette is considered legally valid, just as the printed copy.
With the current global health crisis, preventing false information is one of the top priorities for governments to avoid panic. The hack related to the publication of the incorrect version of last Saturday’s edition.
But precisely what happened seems to be a mystery.
An unnamed source told El Cronista: “No one entered or changed anything”. The same person implied there was an attack that generated unusually high traffic that took the website down for hours.
Separately, the newspaper stated that the false resolution was still visible alongside an updated correct version uploaded the next day. This may imply the information on the blockchain system could have been tampered with, and not merely the website.
If only the website were hacked, the false version could have been deleted quickly. Blockchain is an immutable ledger, with no provision to amend or change data, which might explain the need for a supplemental edition. That’s why it’s essential to verify the data that goes onto a blockchain so that it remains a single source of “truth”. El Cronista said that while the information in the resolution was false, it was a valid resolution, indicating that a node must have been compromised or someone with access uploaded false information.
While exact details about the blockchain system are not available, it’s almost certainly a private permissioned blockchain. Private blockchains have a limited number of nodes, with some or all having access to write on the blockchain. So, it is probable that one such node with permission to write to the blockchain was hacked or an unauthorized person gained access.
Argentina is exploring blockchain for various governance roles, and has set up the Blockchain Federal Argentina (BFA). Recently, it launched Gasnet for leveraging blockchain for natural gas distribution in the country. Argentina suspended the company registration blockchain, citing the need for increased regulatory control.