This article does not cite any sources. (December 2012) (Learn how and when to remove this template message)
Website defacement is an attack on a website that changes the visual appearance of the site or a webpage. These are typically the work of defacers, who break into a web server and replace the hosted website with one of their own. Defacement is generally meant as a kind of electronic graffiti and, as other forms of vandalism, is also used to spread messages by politically motivated "cyber protesters" or hacktivists.
A common method of defacement is using SQL injection, which allows adversaries to gain administrative access or otherwise tamper with insecure website databases. Another method of defacement is through FTP once the username and password are obtained.
Defacements usually consist of an entire page. This page usually includes the defacer's pseudonym or "Hacking Codename."[clarification needed] Sometimes, the defacer makes fun of the system administrator for failing to maintain server security. Most times, the defacement is harmless and is only done to show off a system cracker's skills or for hacktivism; however it can sometimes be used as a distraction to cover up more sinister actions such as uploading malware or deleting essential files from the server.
Religious and government sites are regularly targeted by hackers in order to display political or religious beliefs, whilst defacing the views and beliefs of others. Disturbing images and offensive phrases might be displayed in the process, as well as a signature of sorts, to show who was responsible for the defacement. Websites are not only defaced for political reasons; many defacers do it just for the thrill. For example, there are online contests in which hackers are awarded points for defacing the largest number of web sites in a specified amount of time. Corporations are also targeted more often than other sites on the Internet and they often seek to take measures to protect themselves from defacement or hacking in general. Websites represent the image of a company or organisation and these are therefore suffer significant losses due to defacement. Visitors may lose faith in sites that cannot promise security and will become wary of performing online transactions. After defacement, sites have to be shut down for repairs and security review, sometimes for an extended period of time, causing expenses and loss of profit and value.
- Romagna, M.; van den Hout, N. J. (October 2017). "Hacktivism and Website Defacement: Motivations, Capabilities and potential Threats". Proceedings of the 27th Virus Bulletin International Conference: 41–50. Retrieved 8 October 2017.
- Halfacre, John. "Protecting Against Website Defacement". RemoveMalware.net. Retrieved 16 June 2017.