The eBanksy revolution

The revolution will not be televised, it will be online. The eBanksy movement is rising and businesses need to be ready.

Regardless of your opinions on the morals of virtual vandalism, the actions mirrored on Zone-H.org are illegal in most countries, as the site itself has acknowledged.

In fact, the posting service has said before one of its main purposes is to highlight trends rather than act simply as a forum for defacers, refuting claims it is at the heart of the problem.

Advertisement - Article continues below

Interestingly, Mikko Hypponen, chief research officer at F-Secure, recently informed me one of the service's founders Roberto Preatoni had been arrested before. According to various reports, he was accused of being involved in a spying scandal while working for Telecom Italia.

And yet Preatoni has been a big shot in the security sphere for some time and, having been a mainstay at various legitimate conferences in the past, it appears he has been something of a boon to the security industry as a whole. Make of that what you will.

So, the defacement scene is evidently one where moral values are blurred. Nevertheless, in legal terms it is wrong and anyone involved in it risks being snared by the law.

How to hack

A quick note on how the graffiti artists' are actually going about the work.

The main problem, as many of the defacements themselves note, is a site's security, or problems at a host's end where the website is held. Indeed, mass defacements, which are also celebrated as a mark of achievement, are the result of a hacker gaining access to a hosting company's servers.

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

One of Zone-H.org's administrators going by the name of Marcelo Almeida recently explained in a website post that poor security was to thank for the boom in defacements.

"Most of the vulnerabilities exploited are on web applications," Almeida said.

"But not only web applications are guilty, as poor local system security on various web hostings usually allow crackers to get full access to the servers."

Worms and viruses have also been used in the past to gain access credentials and exploit hosts. Sometimes hackers will not just leave their mark, they'll steal data as well.

As noted by Almeida, the methods have largely remained the same since Zone-H.org was launched in 2002, and yet thousands of sites are exploited every week.

"It comes down to patching or poor administration in the web server," Jason Hart, CRYPTOCard senior vice president in Europe and ethical hacker, told IT PRO.

Hart has seen a number of big name organisations hit by eBanksy attacks in the past, from the White House to certain Renault car dealerships. Back in 2006 there were reports of Apple's Korean site being defaced, so this clearly is not something only affecting small timers.

Advertisement - Article continues below

Put simply, organisations of all sizes need to wake up and secure their sites.

"They need to ensure their websites are patched and that they have all the correct security controls in place, with all the latest patches," Hart added.

"They need to constantly monitor their websites. If they are getting a third-party to host their website they need to ensure that the third-party can prove they have adequate security controls in place."

Featured Resources

Staying ahead of the game in the world of data

Create successful marketing campaigns by understanding your customers better

Download now

Remote working 2020: Advantages and challenges

Discover how to overcome remote working challenges

Download now

Keep your data available with snapshot technology

Synology’s solution to your data protection problem

Download now

After the lockdown - reinventing the way your business works

Your guide to ensuring business continuity, no matter the crisis

Download now
Advertisement

Most Popular

How do you build a great customer experience?
Sponsored

How do you build a great customer experience?

20 Jul 2020
Labour Party donors caught up in Blackbaud data breach
data breaches

Labour Party donors caught up in Blackbaud data breach

31 Jul 2020
Why it’s time to expand beyond 16:9 monitors
Advertisement Feature

Why it’s time to expand beyond 16:9 monitors

21 Jul 2020