Below is a list of US governmental websites which were defaced by crackers – or elite hackers as the media would say – since 26th of June 07 until late February 2008. It is quite interesting to know that most of the security vulnerabilities affecting the following *.gov websites are known for some years now.
Through the following post I am not purposing to influence you to start defacing, but to briefly give you a better understanding of how and why it is done.
Almost everyday I visit Zone-H’s archive of special digital attacks, I find that at least 1 or 2 attacks were done against US governmental web servers. The domain suffix of the defaced websites was *.gov. Does this fact means that they are totally secure? I don’t think so… Obviously the web servers may host very confidential data. In this case the web server administrators seemed to have allowed threats against governmental assets. Any unwanted consequences that a breach of security can lead to, are mainly caused by the irresponsibility and lazyness of system administrators and web developers.
The goals of XSSed.com are to provide informative resources on cross-site scripting(XSS) vulnerabilities and exploitation methodologies, and to archive XSS vulnerable websites for statistic purposes. Mirroring websites is a way to prove to vendors and webmasters that the vulnerability really existed – in case of denial. Users will become more aware on protecting themselves on some websites, as XSS vulnerabilities are mostly targeting the users and not the websites.
XSSed.com is also an attempt to spread education and awareness about XSS to IT professionals and amateurs involved or interested in secure web application development.
Everyday, the security of many high-profiled governmental, military, educational and corporate websites, is broken into by crackers who deface them. Although some defacers protest against wars and other just send greets to their cyberdudes, I believe that their true motive is to get to the top of the lead in “special” defacements. The defacers don’t want to admit this as the real reason for their attacks.
Two websites belonging to MSN (Microsoft Network) in the United Kingdom, were defaced today by an attacker who goes by the nickname “DARK LORD“. It looks like someone who is unethically testing his SQL injection skills, and “feeding” himself with a false sense of pride, just by leaving the message “DARK LORD WAZ HERE”.
No. I am not a defacer psychologist. I am just expressing my personal opinion on the matter, which is this: If a website defacement doesn’t convey a meaningful message, then it is done for selfish reasons.
A bit of an embarassment for Microsoft’s sysadmins…