Website Defacement – What is it?

Website defacement is hard to imagine but visualize this —you have finally moved into your dream neighborhood and are excited to spend your first night in your new home.

You’ve dreamed of owning a house like this your entire life. You put in a lot of time and effort, as well as financial investment into this house. You’ve finally made it and can rest assured. The next morning after a great night’s sleep, you go outside to pick up your mail. However, you see this on the side of your house:

defacement graffiti

Graffiti. Some delinquents outside of the neighborhood came when you were sleeping. They drew all kinds of messages on your treasured new home. As with most people, you would most likely not be happy with the situation. You may even possibly look into home security to prevent a similar situation from ever happening again.

We all know that unwanted graffiti on your home or business establishment is considered vandalism. However, did you know that your website could also be vandalized? A hacker can break into your website and either upload unauthorized files or post malicious changes on your website. This act of virtual vandalism is called website defacement. Just like the delinquent who spray-painted a scribble on your wall, a hacker oftentimes defaces your website. Not for any monetary gain, but rather, just for bragging rights.

The Dangers of Website Defacement?

Although most hackers who intentionally make changes on your website may not be looking to steal your or your users’ private information for identity theft, website defacement is still dangerous to anyone’s business. Website defacement attacks affect your reputation as hackers can manipulate pricing for online retailers, make embarrassing changes to article posts or even upload unwanted photos. One of the most harmful website defacement methods—phishing links—cause both harm to you and your users. Using a phishing link, a hacker can lure your users to a website that looks just like yours and ask for their private information. Once your website is recognized by your hosting company as a website with a phishing link, it will shut your website down and blacklist it.

You Have Random Changes On Your Website. Now What?

Hackers launch website defacement attacks by directly cracking into a server to deface its website. Cloudbric, powered by WAPPLES, prevents unauthorized users (hackers) from uploading files or changing your website’s content by blocking any malicious traffic that is reminiscent to a hacker’s characteristics. Cloudbric constantly monitors your website’s response data, which is your website’s communication to our server. Once that response data differs from your website’s original content, we flag the changes on your website for you to check. If the change is obviously malicious (with explicit content or the addition of phishing websites), Cloudbric blocks these unauthorized changes automatically.

In addition, Cloudbric saves and stores the location of your website’s original static content, whether they being on static or dynamic pages, so that even if your website was ever defaced, you can easily restore it.

Just like how your home can be vandalized by some delinquents, so can your website. Just like the example of your beautiful home being defaced, it may be difficult to stop someone from spray-painting graffiti on your home without having a security personnel constantly watch your home. Cloudbric is the security that your website needs to prevent delinquents from making changes on your website or even worse, add malicious phishing sites that steal users’ personal information.


 

This blog post was originally featured on cloudbric.com. Visit their blog for more insight, news, and accessible information on web threats and trends. If you would like to learn more about Cloudbric’s logic-based WAF service, please contact info@cloudbric.com.