Information Security News mailing list archives
Re: Defacements/Server Compromise, Some Companies Simply Don't Care
From: InfoSec News <isn () c4i org>
Date: Fri, 28 Dec 2001 22:15:47 -0600 (CST)
Forwarded from: Robert G. Ferrell <rferrell () texas net> At 01:18 AM 12/28/01 -0600, you wrote:
Do the companies care? Evidently not. How many website defacement "crackers" have you seen convicted lately? Although I understand that Law Enforcement cannot prosecute all of the cases that could be presented in relation to defacement, they could in fact compile statistics relative to the M.O. of the cracker. This job is currently done by civilians! Personal web sites are devoted to the statistical analysis of web site defacements, where the information generated is done so by civilians. If in retrospect, this was done by a civilian, in relation to say arson, would we not have cause for concern?
While I can't comment any further, let me say that I'm involved at the moment in several investigations of defacements of U.S. government web sites, at least one of which has already resulted in a plea of guilty. They just don't always make the news. I would also like to add that just because you haven't heard of any databases of defacement statistics being compiled by law enforcement doesn't mean they don't exist... ;-) Cheers, RGF Robert G. Ferrell rferrell () texas net http://rferrell.home.texas.net/rgflit.html - ISN is currently hosted by Attrition.org To unsubscribe email majordomo () attrition org with 'unsubscribe isn' in the BODY of the mail.
Current thread:
- Defacements/Server Compromise, Some Companies Simply Don't Care InfoSec News (Dec 28)
- <Possible follow-ups>
- Re: Defacements/Server Compromise, Some Companies Simply Don't Care InfoSec News (Dec 29)