Re: The Biggest Hacking Incident in Web-Hosting History?

[Carl Jongsma <info () skiifwrald com>]

Zone-h can only report the cases that are notified to them via their  
web form.  If cases are resolved before Zone-h can check, or are not  
reported, then they will go by undetected.  My own estimate is that  
Zone-h only get to know about 10-20% of the site breaches out there,  
with the remainder being used for commercial gain.  Defacers such as  
Iskorpitx tend to be in a bit of a race for fame on the archive, so I  
would expect that the majority of their defacements are recorded on  
Zone-h.

Why people don't care is a good question, and is one that  
unfortunately remains unanswered.  The experience of Zone-h, and of  
my own company (we work with Zone-h on some notifications), is that  
the clear majority of site administrators just don't care, or don't  
know enough about what is happening to care.  The next biggest  
percentage of responses are the administrators who try to shoot the  
messenger, blaming Zone-h (and us) for perpetrating the attack  
against their systems, and finally the tiniest percentage (less than  
5%) are the administrators who are grateful for the notification and  
extra evidence for their own investigations.  Unfortunately for the  
hosting industry, some of the worst responses are those that come  
from hosting companies - even after we have taken the effort to  
contact their abuse addresses, sit through their telephone helpdesk  
systems, and clearly identify what has been found to a second or  
third level tech.

Everyone likes to think that they always act rationally, but when the  
chips are down, and the company / their position is facing public  
humiliation over an incident that has taken place, then people tend  
to get upset and act irrationally.

Sincerely,

Carl Jongsma
info () beskerming com
Sûnnet Beskerming Pty. Ltd.
Adelaide, Australia
http://www.beskerming.com
Tel: 0410 707 444 / 08 8283 1154

Jongsma & Jongsma Pty. Ltd.

Established in mid 2004, Jongsma & Jongsma Pty. Ltd. is a pure  
Research and Development company focussing on advanced software and  
hardware concepts.  Since inception, Jongsma & Jongsma Pty. Ltd. has  
already developed software tools for advanced user and security  
management in web applications, complete data protection, and  
effective phishing defences for financial companies.

Sûnnet Beskerming Pty. Ltd.

Established in mid 2004, Sûnnet Beskerming Pty. Ltd. is the sister  
company to Jongsma & Jongsma Pty. Ltd., and was formed to develop and  
commercialise the research coming out of Jongsma & Jongsma Pty. Ltd..  
Sûnnet Beskerming Pty. Ltd. is an Information Security specialist  
and, in conjunction with the tools developed by Jongsma & Jongsma  
Pty. Ltd., provides total security solutions and services, from the  
perimeter to internal data stores, including web application security  
and security testing and analysis.



_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.