Defacement

In Brief

A defacement is a form of cybercrime, such as cyber-vandalism or even cyber-terrorism, directed against a website.

Defacement is the deliberate destruction, degradation or modification of website data, to inflict maximum damage and/or impact, for fun or political or ideological reasons. In principle it involves replacing the original page, hence the term defacement.

How Does It Work?

Depending on the desired impact, several means can be used to perform this type of attack. They are of varying complexity and scope, depending on the desired impact. The most common include defacement through the exploitation of the vulnerabilities of the server or site and what is known as ‘semantic’ defacement. The former enables you to change the content of a site or home page. In some cases, the hacker can simply delete all content from a site. The latter involves slightly modifying the content of different pages – to change their meaning, usually to slip in different ideas from the original ones. Unlike changing the appearance of the site, this type of defacement is subtler and more difficult for the site manager to detect.

How Can We Protect Ourselves?

Basic security measures for web servers.

To protect against defacement and certain types of semantic attack, there are several preventive measures, including:

  • the use of an integrity controller or anti-intrusion devices, in particular, application firewalls that prevent a fault on a web application being exploited;
  • installing patches on the web server. These can reduce the number of vulnerabilities and thus the likelihood of intrusion on the server;
  • verification and regular monitoring of the website to be protected by trusted persons, inside or outside the organisation. For example, a daily content integrity check.

With these three preventive measures, the likelihood of website defacement can be reduced.

Why Protect Yourself?

Companies are becoming more and more dependent on information networks. A simple change in the network can cause significant damage at economic, social, logistical, emotional or environmental level.

Moreover, as the general public is fascinated by all types of computer attacks, the media gives them wide coverage. In fact, defacement results in a sharp decline in the victim’s brand image.

In 1999, after the bombing of the Chinese embassy in Belgrade, Chinese attackers posted messages such as ‘we will not stop attacking until the war stops’ on US government websites.

In April 2001, after the mid-air collision between a US spy plane and a Chinese fighter over China and the detention of the American crew in China, groups of hackers on both sides waged an intense war. More than 1,200 American websites – and probably as many sites in China – were defaced.