Friday, February 7, 2014

Threat Agent Profile: Vandals

Vandals are out to damage stuff. In the physical world they smash mailboxes, break car windows, and spray paint walls. In the electronic world they deface web sites and DoS networks. They aren’t necessarily after specific targets, except for those that will impress themselves and their peer group. Vandals typically go after sites that are easy to compromise – systems that will fall to the single fire point and click exploits. Or, they’ll sometimes guess the password for the domain name registration records and redirect all traffic to another site.

Zone-h.org tracks web site defacements. During the period of January 2008 – April 2010, Zone-H reported that over 1.4 million web sites were defaced.[1] Sixty-seven percent of the defacements were for either reputation, for fun, or for the challenge.  The vast majority of the sites compromised are easy targets belonging to small organizations that have very poor security practices.