Website Defacement Isn't Exactly CyberTerrorism

Today, Marisol over at Jihad Watch blogged about a Pennsylvania youth opera website getting defaced by a "Turkish Islamic Extremist Group" called MDX.




I personally think everyone should take this stuff with a gain of salt. Web Defacements happen all the time everyday....24 hours a day. I was talking to a friend from Zone-H and he informed me that most of these groups are made up of 12-17 year old kids running non-targeted scripts, looking for vulnerable machines.

These scripts don't care who you are...or what you sell or what your company/school name is...if you are running old vulnerable software, you will become roadkill. Period.

So think about this next time you hear one of the high brass in a suit say the following - "Why would anyone want to hack us or our website?? We are just a little company that sells X"

In the end, most of the purely political hacks are targeted on very few IP addresses...and I highly doubt that this MDX defacement of a school website in PA falls in that range.

Basically this is a very far cry from anything close to "Cyber-Terrorism".

I mean just today, a rather well-known group going by the name "Iran Black Hats Team" hacked about 20-25 websites running on Linux servers...but I didn't see a local new article on them. They aren't using some new Linux 0day...they are hacking sites with known vulnerabilities. Servers that should have been patched a long time ago.

Living proof that we have a long way to go on security education for the general public (and for the IT professionals running these sites).



Moral of the Story - This isn't new and politics has been the driving force behind web defacements for years.