Even for users like webmasters and IT staff, give them only the privileges they actually need to perform their roles.
Use the Principle of Least Privilege (POLP)īy limiting privileged or administrative access to your websites, you reduce the chance that a malicious internal user, or an attacker with a compromised account, can do damage.Īvoid giving administrative access to your site to individuals who don’t really need it. The following are simple best practices you can implement today to protect your website and minimize the chances of a successful defacement attack. Website Defacement Prevention: DIY Best Practices A Georgian web hosting provider called Pro-Service took responsibility for the attack, releasing a statement that a hacker breaches their internal systems and compromised the websites. Among the websites affected were government websites, banks, the local press and the large television broadcasters. In 2019, Georgia, a small European country, experienced a cyber attack in which 15,000 websites were defaced, and then knocked offline. Largest cyber attack in Georgia’s history The MCA-DRB hacker group was responsible for 5,530 website defacements across all five continents, many of them targeting government sites. The same attack was carried out against the domain paypal.ro. The attack was performed by DNS hijacking-attackers managed to falsify DNS responses and redirect users to their own server instead of Google’s. The defacement was in place for at least an hour. In 2012, users could not access Google Romania, and instead were taken to a defacement screen posted by MCA-CRB, the “Algerian Hacker”.
The attack raised concerns about the safety of medical data controlled by the NHS. The defacement message said “Hacked by AnoaGhost.” The message was removed within a few hours, but the site may have been defaced for as long as five days. In 2018, the BBC reported that a website hosting data from patient surveys, operated by the UK National Health Service (NHS), was defaced by hackers.
A defacement attack is a public indicator that a website has been compromised, and causes damage to the brand and reputation, which lasts long after the attacker’s message has been removed. Some of the world’s biggest websites have been hit by defacement attacks at some point. Message displayed during defacement of a UK National Health Services website in 2018.