The eBanksy revolution

The revolution will not be televised, it will be online. The eBanksy movement is rising and businesses need to be ready.

Regardless of your opinions on the morals of virtual vandalism, the actions mirrored on Zone-H.org are illegal in most countries, as the site itself has acknowledged.

In fact, the posting service has said before one of its main purposes is to highlight trends rather than act simply as a forum for defacers, refuting claims it is at the heart of the problem.

Interestingly, Mikko Hypponen, chief research officer at F-Secure, recently informed me one of the service's founders Roberto Preatoni had been arrested before. According to various reports, he was accused of being involved in a spying scandal while working for Telecom Italia.

And yet Preatoni has been a big shot in the security sphere for some time and, having been a mainstay at various legitimate conferences in the past, it appears he has been something of a boon to the security industry as a whole. Make of that what you will.

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

So, the defacement scene is evidently one where moral values are blurred. Nevertheless, in legal terms it is wrong and anyone involved in it risks being snared by the law.

How to hack

A quick note on how the graffiti artists' are actually going about the work.

The main problem, as many of the defacements themselves note, is a site's security, or problems at a host's end where the website is held. Indeed, mass defacements, which are also celebrated as a mark of achievement, are the result of a hacker gaining access to a hosting company's servers.

One of Zone-H.org's administrators going by the name of Marcelo Almeida recently explained in a website post that poor security was to thank for the boom in defacements.

"Most of the vulnerabilities exploited are on web applications," Almeida said.

Advertisement - Article continues below

"But not only web applications are guilty, as poor local system security on various web hostings usually allow crackers to get full access to the servers."

Worms and viruses have also been used in the past to gain access credentials and exploit hosts. Sometimes hackers will not just leave their mark, they'll steal data as well.

As noted by Almeida, the methods have largely remained the same since Zone-H.org was launched in 2002, and yet thousands of sites are exploited every week.

"It comes down to patching or poor administration in the web server," Jason Hart, CRYPTOCard senior vice president in Europe and ethical hacker, told IT PRO.

Advertisement
Advertisement - Article continues below

Hart has seen a number of big name organisations hit by eBanksy attacks in the past, from the White House to certain Renault car dealerships. Back in 2006 there were reports of Apple's Korean site being defaced, so this clearly is not something only affecting small timers.

Put simply, organisations of all sizes need to wake up and secure their sites.

Advertisement - Article continues below

"They need to ensure their websites are patched and that they have all the correct security controls in place, with all the latest patches," Hart added.

"They need to constantly monitor their websites. If they are getting a third-party to host their website they need to ensure that the third-party can prove they have adequate security controls in place."

Featured Resources

The IT Pro guide to Windows 10 migration

Everything you need to know for a successful transition

Download now

Managing security risk and compliance in a challenging landscape

How key technology partners grow with your organisation

Download now

Software-defined storage for dummies

Control storage costs, eliminate storage bottlenecks and solve storage management challenges

Download now

6 best practices for escaping ransomware

A complete guide to tackling ransomware attacks

Download now
Advertisement

Most Popular

Visit/cloud/microsoft-azure/354230/microsoft-not-amazon-is-going-to-win-the-cloud-wars
Microsoft Azure

Microsoft, not Amazon, is going to win the cloud wars

30 Nov 2019
Visit/mobile/mobile-phones/354273/pablo-escobars-brother-launches-budget-foldable-phone
Mobile Phones

Pablo Escobar's brother launches budget foldable phone

4 Dec 2019
Visit/network-internet/wifi-hotspots/354283/industrial-wi-fi-6-trial-reveals-blistering-speeds
wifi & hotspots

Industrial Wi-Fi 6 trial reveals blistering speeds

5 Dec 2019
Visit/hardware/354237/five-signs-that-its-time-to-retire-it-kit
Sponsored

Five signs that it’s time to retire IT kit

29 Nov 2019