CASES.LU

Glossary

  1. ▹ Antivirus
  2. ▹ Assets
  3. ▹ Authentication
  4. ▹ Availability
  5. ▹ Basic criteria for risk analysis
  6. ▹ Computer Hacks
  7. ▹ Confidentiality
  8. ▹ Control
  9. ▹ Cryptography
  10. ▹ Cybercrime
  11. ▹ Cybercriminals
  12. ▹ DRP – Disaster Recovery Plan
  13. ▹ Data backups
  14. ▹ Data loss
  15. ▹ Defacement
  16. ▹ Disinfect machine with a live CD
  17. ▹ Disposal
  18. ▹ Email
  19. ▹ Firewall
  20. ▹ Human error
  21. ▹ IDS/IPS
  22. ▹ Image rights
  23. ▹ Impact
  24. ▹ Integrity
  25. ▹ Internet and copyright
  26. ▹ Legal Aspects
  27. ▹ LuxTrust
  28. ▹ Malicious Codes
  29. ▹ Malicious websites
  30. ▹ Network segmentation
  31. ▹ Password
  32. ▹ Patches
  33. ▹ Phishing
  34. ▹ Physical faults
  35. ▹ Securing a fixed workstation
  36. ▹ Physical theft
  37. ▹ Recommendations for securing a file server
  38. ▹ Recommendations to secure a server connected to Internet
  39. ▹ Recommendations to secure a Web server
  40. ▹ Removable devices
  41. ▹ Risk processing
  42. ▹ Spam – unwanted emails
  43. ▹ SSL/TLS – encryption technologies on the web
  44. ▹ Update softwares with Secunia PSI
  45. ▹ Security Charter
  46. ▹ Social engineering
  47. ▹ Threat
  48. ▹ Virtual Private Networks (VPNs)
  49. ▹ Vulnerabilities
  50. ▹ Web of Trust - WOT
  51. ▹ Web filter – Proxy
  52. ▹ Why is it important to protect your computer?

Defacement

In brief

Defacement is a form of cybercrime, such as cyber-vandalism or even cyber-terrorism, directed against a website.

Defacement is the deliberate destruction, degradation or modification of website data, to inflict maximum damage and/or impact, for fun or for political or ideological reasons. In principle it involves replacing the original page, hence the term defacement.

How does it work?

Depending on the desired impact, several means can be used to perform this type of attack. They are of varying complexity and scope, depending on the desired impact. The most common include defacement through the exploitation of the vulnerabilities of the server or site and what is known as ‘semantic’ defacement. The former enables you to change the content of a site or home page. In some cases, the hacker can simply delete all content from a site. The latter involves slightly modifying the content of different pages – to change their meaning, usually to slip in different ideas from the original ones. Unlike changing the appearance of the site, this type of defacement is more subtle and difficult for the site manager to detect.

How can we protect ourselves?

Basic security measures for web servers.

To protect against defacement and certain types of semantic attack, there are several preventive measures, including:

  • the use of an integrity controller or anti-intrusion devices, in particular application firewalls that prevent a fault on a web application being exploited;
  • installing patches on the web server. These can reduce the number of vulnerabilities and thus the likelihood of intrusion on the server;
  • verification and regular monitoring of the website to be protected by trusted persons, inside or outside the organisation. For example, a daily content integrity check.

With these three preventive measures, the likelihood of website defacement can be reduced.

Why protect yourself?

Companies are becoming more and more dependent on information networks. A simple change in the network can cause significant damage at economic, social, logistical, emotional or environmental level.

Moreover, as the general public is fascinated by all types of computer attacks, the media gives them wide coverage. In fact, defacement results in a sharp decline in the victim’s brand image.

Example PICTURE

In 1999, after the bombing of the Chinese embassy in Belgrade, Chinese attackers posted messages such as “we will not stop attacking until the war stops” on US government websites.

In April 2001, after the mid-air collision between a US spy plane and a Chinese fighter over China and the detention of the American crew in China, groups of hackers on both sides waged an intense war. More than 1,200 American websites – and probably as many sites in China – were defaced.

Table of Contents