Web server hacks and Web site defacement are growing at a hefty pace, according to Zone-H, an Internet security monitoring group that released findings of a new study this week at the Infosecurity Europe 2005 event in London.
Although it may often be seen as digital graffiti committed by so-called “script kiddies” — lower level computer hackers who are motivated primarily by notoriety — server attacks and site defacements were up by 36 percent last year with an average of 2,500 out of 45 million Web servers successfully hacked every day, according to Zone-H.
At the same time security experts indicated the server hacks and site defacements can be a sign of deeper, more dangerous data and IT vulnerability. Zone-H also said there is more mayhem on the way with the additional Internet protocol (IP) addresses coming with Voice over IP (VoIP)-enabled mobile phones.
“Once GSM telephone platforms are replaced by VOIP/3G phones which work in the same way as Internet servers, the number of Web servers will increase to 1.5 billion,” said a statement from Zone-H’s Robert Preatoni. “Each of these phones/terminals will be potentially subject to the same vulnerabilities as traditional Web servers and personal computers, and by a process of simple multiplication, there could be as many as 80,000 hacks a day on these devices that will often hold the digital equivalent of someone’s life!”
Same Techniques as Serious Crooks
Reporting that there were more than 392,500 recorded Web server attacks, more than 70,000 single defacements and 322,000 mass defacements in 2004, Zone-H warned the compromises and defacements are indicative of more serious security issues.
“Defacement is just one option for an attacker,” Preatoni said. “In most circumstances, the techniques used by defacers are the same techniques used by serious criminals to cause more serious damage.”
Among other Zone-H findings: There were 186 special attacks on U.S. government servers, 49 special attacks on U.S. military servers, 3,918 special attacks on government domains worldwide, and more than half a million mass defacements from 2000 to 2004.
Defacement for Dummies
While defacements can be indicative of more serious vulnerabilities, such attacks are typically considered more of a simple nuisance by companies and IT organizations, iDefense director of malicious code Ken Dunham told TechNewsWorld.
“In a typical defacement, they deface it and move along and that’s all there is to it,” he said.
The security expert said Web server hacks and defacements, which are increasingly performed with simple and automated tools, can actually alert an organization to more serious vulnerabilities they need to fix, however.
Dunham agreed that attacks are likely to increase as VoIP-enabled handsets broaden the pool of vulnerable IP addresses.
“The reason why is it’s an emerging technology; it’s new,” Dunham said.
Leading to Data Loss
Basex CEO and chief analyst Jonathan Spira said although a simple defacement of its site may not be too harmful for a company, the defacement tactics can lead to data loss.
“It really depends on the nature of the attack,” Spira told TechNewsWorld. “Obviously, if it’s graffiti or vandalism, it probably won’t hurt the company’s image too much, but it it’s a moderate change and it hijacks a domain and captures customer information, that has more ramifications.”
Spira said organizations must survey their Web site security frequently to avoid the often simple attacks that lead to compromised servers and defacements.
“There’s simply no excuse for that type of lax security at this point,” he said.