The Race to Deface

Defacements of Web sites hit a new peak in December 2004, according to statistics compiled by zone-h.org, which has a database of what it calls “Web server cybercrimes.”

The data show that the number of mass defacements—for example, when a hosting-company’s server is compromised, allowing multiple sites to be defaced—was near 60,000 in December, about double the previous month. (The previous high was in January of last year, when close to 50,000 sites were defaced.)

The zone-h.org statistics show that Web sites running the Linux operating system are most frequently defaced, followed very closely by Windows. A year previously, Linux was attacked much more frequently than Windows, but by the end of 2004, the numbers were nearly the same.

How were so many Web sites defaced? According to the statistics, up until October, there was a fairly even mix of causes, including unpatched systems, new vulnerabilities, configuration errors, brute-force attacks, and social engineering. However, the number of configuration mistakes soared at the end of the year to account for about 35,000 of the defacements, with known vulnerabilities accounting for just over 15,000. 

@ Get more details of the 2004 Web Server Intrusion Statistics via SM Online.