(also defacement attack)
Website defacement definition
Website defacement is a malicious activity, an attack on a website that changes its visual appearance. Defacers break into the server and remove the web host. Activists or cyber protesters usually spread political content this way. They remove the existing content on the website and replace it with what they want to say, sometimes including rude or questionable language that might not make sense. Sometimes they do it for fun, but their main goal is to ruin the reputation of the website or to cause harm to the website owner.
Website defacement real-life examples
- NHS defacement attack. In 2018, BBC news reported that a webpage operated by the UK National Health Service, which hosted data from patient surveys, was defaced. The message left by the hackers said, “Hacked by AnoaGhost.“ Even though the message was removed within a few hours, the attack lasted multiple days, which raised concerns among the NHS.
- Largest cyber-attack in Georgia’s history. The most significant cyber-attack, during which 15,000 web pages were attacked and removed from the internet. It happened in Georgia in 2019. The defaced websites included banks, government websites, large television broadcasters, and the local press. A local hosting provider called Pro-Service was blamed and took responsibility for the attack.
Preventing website defacement
- Limit who has access to your website.
- Use strong authentication mechanisms, such as multi-factor authentication.
- Always keep the website’s software and plugins up-to-date.
- Use long and complex passwords and change them regularly.
- Be careful what files you upload.
- Perform regular antivirus scans to make sure your device isn’t infected.
- Backup periodically and store the backups in a secure location.
- Implement security monitoring tools and processes.
- Install a web application firewall (WAF)