Blog : Web Defacement

Web Defacement

Written by Rohas Nagpal
Friday, 16 April 2010 12:59 - Last Updated Monday, 19 April 2010 08:40
Website defacement is usually the substitution of the original home page of a website with
another page (usually pornographic or defamatory in nature) by a hacker.
Religious and government sites are regularly targeted by hackers in order to display political or
religious beliefs. Disturbing images and offensive phrases might be displayed in the process, as
well as a signature of sorts, to show who was responsible for the defacement. Websites are not
only defaced for political reasons, many defacers do it just for the thrill.
Scenario: The homepage of a website is replaced with a pornographic or defamatory page. In
case of Government websites, this is most commonly done on symbolic days (e.g. the
Independence day of the country).
Modus Operandi: The defacer may exploit the vulnerabilities of the operating system or
applications used to host the website. This will allow him to hack into the web server and
change the home page and other pages. Alternatively, he may launch a brute force or dictionary
attack to obtain the administrator passwords for the website. He can then connect to the web
server and change the webpages.
Usual motives: Thrill or a perverse pleasure in inciting communal disharmony.
Applicable law (Before 27 October, 2009): Sections 43 & 66 of the Information Technology
Act and in some cases sections 67 and 70 may also apply.
Applicable law (After 27 October, 2009): Sections 43 & 66 of the Information Technology Act
and in some cases sections 66F, 67 and 70 may also apply.