January 4, 2002
(IDG News Service)
The number of vandalized Web sites recorded by defacement archive Alldas.de jumped in 2001 to 22,379, more than five times the 4,393 defacements logged in 2000.
Brazilian cybervandals are mostly responsible for the surge in defacements, according to Fredrik Ostergren, a Sweden-based security analyst and spokesman for Alldas.de, who also said that more Internet users in general are trying out tools to hack into Web sites.
"Many of the defacers we have in the scene today are located in Brazil," he said in an e-mail response to a reporter's questions. "One of the reasons for the increase in defacements is more people getting connected to the Internet, especially in Brazil."
A defacer is a hacker who breaks into a Web server and defaces the Web site by replacing or altering the front page.
Alldas.de has been tracking defacements since 1998 and offers snapshots of defaced Web sites as well as security analyses and statistics. The site gained in popularity after its U.S. counterpart Attrition.org stopped hosting copies of defaced sites in May.
More exposure for the site led to an increase in the number of defacements logged, although Alldas.de had a big network before Attrition stopped archiving, Ostergren said.
The number of defacements was especially high in April and May, with 3,003 and 3,431 sites altered, respectively. U.S. and Chinese hackers were said to be fighting a "cyberwar" in the months after a U.S. spy plane crashed in China on April 1, and the FBI warned at the time of increased attacks by Chinese hackers.
Most popular among cybervandals are well-known sites. For example, last year the Web sites owned by the Sans Institute and Amnesty International fell victim to defacers, Ostergren said.
More than 60% of defaced Web sites logged to date by Alldas.de were hosted on a Microsoft Corp. Windows server, while 20% of the sites were on servers running Linux.
Attackers mostly exploit known vulnerabilities in server software with hack software that is readily available on the Internet. Applying security patches will keep most defacers out, according to Ostergren.