Trend Micro has released their report into 13 million website defacements over an 18-year period. The report, titled “A Deep Dive Into Defacement,” looks at website defacement between 1998 and 2016. The 64-page report finds a correlation between defacement and real-world conflicts.
The report found that major world conflicts led to large-scale web defacement.
Defacements were analyzed by the company, which found that the majority of website defacement was motivated by religion and politics. Hacking groups were brought together by many attacks, allowing for sustained defacement over a long period of time.
Trend Micro notes that web defacements will continue for the foreseeable future and may become worse thanks to the Internet of Things (IoT).
IoT devices are often hacked into and defaced without the owner knowing the problem exists. One example displays a router control panel that has been defaced. The defacement would only be seen if the owner of the router entered the control panel. IoT devices are often run on web servers that have been stripped down. Trend Micro suggests that hackers will be able to transition from websites to IoT devices easily.
Defacers often choose the world’s best web hosts to target. Hackers will target websites with known vulnerabilities and unpatched security holes on a wide scale. While some of the web hosting providers are tackling this issue head-on, some of them aren’t and these providers are the ones being targeted the most by hackers.
Pakistan is said to be leading defacement campaigns, with groups from the country defacing some 15,000 sites since 2011. Activists are paving the way of defacing websites, with many trying to spread their political ideologies and agendas by spreading messages on other websites.
Ohio’s government websites are a prime example of political agenda spreading by sympathizers of ISIS and Syria. The hackers caused several of the state’s websites to be taken offline to fix the problem.
“Free Kashmir” was the leader in defacements from Pakistan. The campaign, which was launched in 2011 by two hacking grounds, was meant to spread the word about human rights abuses in Kashmir. India’s armed forces are reported to have committed abuses against residents in the territory.
Political defacement is very common, with the #OpIsrael campaign attracting more than 500 attackers. The campaign was triggered by the conflict between Palestine and Israel.
Charlie Hebdo, a French magazine, made headlines after publishing satirical works of Muhammed. The magazine, known for its satirical work, many of which target religion, was the center of attacks in 2015 when gunman stormed the magazine’s officers. Muslim nations continued to attack French websites showing their support for the attack after 12 people were killed and 11 injured by gunmen.
Hackers involved in defacement are not stealing website data or database information in most cases. The sensitive data is the next target of hackers, according to the report. The report states that “after defacing websites, the next step would seem to be capitalizing on the available information on compromised sites.”
The report goes on to suggest that the defacement groups can choose to monetize their attacks through malicious codes placed on defaced websites. The pages could even be used as a means of spreading ransomware to websites visitors.