A group of hackers infiltrated the United Nations’ Web site over the weekend, defacing the page of Secretary-General Ban Ki-Moon with antiwar political graffiti.
Hackers reportedly replaced portions of recent speeches made by Ban with accusations that the United States and Israel are killing children. An Italian software developer first reported the hacked Web site, which was out of commission for most of Sunday as the UN scrambled to scrub it of the insertion. By Monday it was operational again.
By all accounts, the attack appeared to have been a SQL injection exploit, allowing the hackers to add their own HTML code to the Web site. The graffiti on the Web site suggested that at least three hackers that use the name CyberProtest were involved.
The Next Step
Beyond some embarrassment, political graffiti does not cause much harm either in cyberspace or in the real world. However, the fact that hackers were able accomplish their goals could have deeper ramifications, Sophos security consultant Ron O’Brien told TechNewsWorld.
“The concern about the ability to hack public Web sites is increasing because in addition to defacing the Web site, it is also possible to embed malware,” he commented.
No malware was embedded in the UN site during this attack, he added.
The Latest Vector
It is becoming increasingly clear that infecting public Web sites is the latest preferred vector for hackers, he said.
“We are asking everyone who owns or runs a Web site to make sure they are not vulnerable in that respect,” O’Brien said.
The best way to ensure a Web site is free of malware is to scan it at the server level, he noted.
From 5,000 to 29,000
Over the last month there has been a huge surge in such attacks on Web sites, he added — from 5,000 per day a month or so ago to an average of 29,000 per day now.
More worrisome is that some are legitimate and well-trafficked Web sites. Besides the UN, the IRS and the U.S. Department of Transportation have had their Web sites hacked recently, according to O’Brien.
The typical end goal for these attacks has been to establish armies of zombie computers that can be used in subsequent attacks.
More Than Just a Prank
Over the July 4 weekend, for example, a large malware campaign circulated using e-greeting cards.
“You clicked on the card and were redirected to the Web site that contained the malicious code,” O’Brien said.
Last week, the cyberspace community saw the first fruits of that campaign: the largest spam cycle to date, according to O’Brien.
The attack helped further a pump-and-dump stock scheme that Sophos called one of the largest to date.