Why Websites are Defaced

 

Website defacement

Website ravage is similar to design  graffiti on a wall, only it happens virtually. database ’

 coming change - pictures and/or words are dash off across the deform database .

Why Websites are Defaced

mugger may have distant motivations when they deface a website. Political provocation is one. Attackers who are against a authority or a particular movement can selected  to deface related websites to air their look out . mugger who do this are known as "hacktivists". They may rotate the content of the damage database with a picture or a message of their selected .

another  mugger may selected to damage a database for fun - to mock site owners by finding website blame and exploiting these to damage the database . These mugger "taunt" the site owners. Similar to hacktivist, these attackers damage a database with a image or a message of their selected .

Examples of Website Defacement Attacks

note displayed during damage of a UK National fitness kindness database in 2018. Source: BBC.

Some of the world’s biggest database have been hit by damage mugger at some point. A defacement attack is a public indicator that a database has been compromised, and causes damage to the brand and reputation, and that lasts long behind the attacker’s note has been deleted .

NHS defacement attack

In 2018, the BBC reported that a website hosting data from patient surveys, operated by the UK National fitness kindess (NHS), was damage by hackers. The defacement note said “Hacked by Antagonist.” The note was delete within a few hours, but the site may have been damage for as long as five days. The attack raised concerns all over the secure of medical data controlled by the NHS. 

Google.ro and PayPal.ro

In 2012, users could not access Google Romania, and instead were taken to a defacement screen posted by MCA-CRB, the “Algerian Hacker”. The damage was in place for at least an hour. The attack was doing by DNS hijacking—mugger managed to falsify DNS reply and redirect users to their own server instead of Google’s. The same attack was carried out once the domain paypal.ro. The MCA-DRB hacker category was manage for 5,530 database damage across all five main , many of them targeting authority sites.

Largest cyber attack in Georgia’s history

In 2019, Georgia, a small European nation , mature a cyber attack in and that 15,000 database were defaced, and then knocked offline. Among the database affected were authority database , banks, the local press and the large television broadcasters. A Georgian web hosting supply called Pro-kindness took charge for the attack, releasing a statement that a hacker breaches their internal systems and compromised the database .

Website Defacement Prevention: DIY Best Practices

The following are easy best practices you can applicant today to protect your database and minimize the selected of a successful ravage attack.

Use the Principle of Least Privilege (POLP)

By limiting privileged or administrative access to your websites, you reduce the chance that a malicious internal user, or an attacker with a compromised report , can do damage. 

Avoid donor administrative access to your site to original who don’t really demand it. Even for users like webmasters and IT staff, give them only the privileges they actually demand to doing their roles. Pay careful notice to contractors and external giver , ensure they don’t collected excessive privileges, and revoke their privileges when they stop working on the site.

Avoid default admin directory and admin email

Never use the default name for your admin directory, because hackers know the default names for all common database stage and will  be attempt to gain access to them. Similarly, avoid using the default admin email addresses, because mugger will  be try to deal them using phishing emails or other methods.