Intercepting them as they are transmitted over the network.
Be Cyber Smart: Win Against Website Defacing
Web defacement is an attack on a website that alters its visual appearance or content. An attacker finds a way to modify the files or contents of a website without the owner’s permission. People who deface websites are called defacers.
Often, cybercriminals add messages of a social, religious or political nature, or swear words and other text that is unrelated to the subject of the site. In some cases, attackers advance causes they believe in using the company website. For example, in 2020, former President Trump’s personal website was defaced by hackers who disagreed with his political ideologies. Unlike many cybercriminals, defacers seek publicity and as such, they often leave behind traces that can be used to identify them which may include their contact details.
Defacement techniques
There are several ways defacers may attack your website. They can brute-force the credentials of the site administrator; exploit vulnerabilities in site components such as performing an SQL injection (SQLi) or cross-site scripting (XSS) or infect the administrator’s device with malware. The attackers either embed their message in existing web pages or create their own. The original site can be made inaccessible to users, damaged or completely deleted.
Popular Incidents
Some of the world’s biggest websites have been hit by defacement attacks at some point. A defacement attack is a public indicator that a website has been compromised. This negatively impacts the brand and lives beyond the incident – even after the attacker’s message has been removed.
In 2012, users could not access Google Romania. Instead, they were redirected to a defacement screen posted by MCA-CRB, the “Algerian Hacker”. The defacement was in place for at least an hour. The attack was performed by DNS hijacking i.e. attackers managed to falsify DNS responses and redirect users to their own server instead of Google’s. The same attack was carried out against the domain Paypal.ro. The MCA-DRB hacker group was responsible for 5,530 website defacements across all six continents, many of them targeting government sites.
In 2019, Georgia – a small European country experienced a cyber-attack wherein 15,000 websites were defaced, and then knocked offline. Among the websites affected were government websites, banks, the local press and large television broadcasters. A Georgian web hosting provider called Pro-Service took responsibility for the attack, releasing a statement that a hacker breached their internal systems and compromised the websites.
Website defacement damage
Web defacement almost always results in reputational damage for the owner of the targeted site. In some cases, the harm can also be financial. For example, defacement of an online store can undermine customer trust. Customers trust that company websites are secured, and they can access services and products 24 hours a day. Inappropriate content in a website can lower a site’s ranking in search results and is some cases can even lead to exclusion.
Companies may also have potential data breach where the hackers can carry out more sinister activities without getting detected. For example, they could steal sensitive information, install malware, or perform privilege escalation. This may have a negative impact on the site’s ranking and usage. Defaced website may be flagged or identified as causing harm to its users. Search engines such as Google may add it to its blacklist. This may translate into a 95% loss of website traffic that could have been gained from Google search results.
How to differentiate a safe shopping site from a fraudulent one
Check the SSL certificate : SSL stands for ‘Secure Sockets Layer’ and is an indication that a website is secure. Essentially, it is an encryption method which websites that ask for sensitive or personal information – such as your credit card details – should have. To check that an online shopping website has an up-to-date SSL certificate, look for a padlock icon in the URL bar of your web browser, or check that the URL starts with HTTPS, not HTTP (the S stands for “secure”).
Look for a privacy statement : A privacy policy explains how the business collects, uses, and stores sensitive data from its customers. While laws and regulations vary worldwide, reputable online retailers should have a clear privacy statement. If they do not, it could be a red flag. Steer clear of deals that seem too good to be true. If a website appears to be selling designer clothes or jewelry or electronics for considerably less than the usual retail price, be very suspicious. You could be handing over money for fakes or replicas.
Verify the address and location : Before you give away your credit or debit card information, check if the address and phone number are authentic. Legitimate retailers will usually have a contact number and physical address visible in either the header or footer. If you are not sure whether an online shop is genuine, one way to check is by copying and pasting their address details into a search engine to see if their location is verifiable. Fake sellers will either not provide an address or use a fake one.
Check if the website accepts credit cards : Credit cards are considered one of the safest methods of making online transactions since it is easier for credit card issuers to refund money lost to fraud. Websites that do not accept credit card payments could be a cause for concern because it is more difficult for fraudulent websites to become certified by credit card companies.
Look at online reviews : while reviews can be fake, it is still helpful to look at the overall pattern of reviews from other customers when shopping online. Trusted review sites can give you a sense of how genuine a retailer is and what other customers think before you purchase.
Preventing defacement
The first thing is – be #cybersmart! Preventing website defacement attacks helps companies avoid the reputational damage and cleanup work that comes with a breach. Website defacement attacks often require exploiting multiple vulnerabilities in your systems. For this reason, companies are advised to adopt a defense-in-depth approach to securing their systems.
The risk of website compromise, including defacement, can be reduced through standard security measures which include regular updates of third-party software used on the site; elimination of vulnerabilities in site components such as scripts and databases; use of unique, strong passwords for administrator accounts; security audit and penetration testing, use of parameterized statements to defend against SQL injection and preparation to respond defacement incidents. There are also solutions that allow companies to automatically track changes made to websites.
Be cybersmart, be proactive, be reactive; prevent and report cybersecurity incidents and help us keep Eswatini safe and secure.
