Digital Vandalism: The Overlooked Problem That Is Web Defacement and How To Deal With It

Written by: Martin Dale Bolima, Tech Journalist, AOPG.

Vandalism also occurs in cyberspace and is known as web defacement. It also happens to be a big problem—just as big as ransomware and data breaches.

Web defacement, or website defacement, refers to the unauthorised alteration or modification of a web page or website. This defacement can take different forms, like superimposing logos or texts on the web page and removing parts of the site or changing them. Matthias Chin, CEO at Cloudsine (now WebOrion), describes web defacement as being “like vandalism or graffiti in the digital world.”

An Evolving Scourge in Cyberspace

Over time, however, web defacement has evolved into something far more sinister.

“Firstly, websites have become a really important digital presence for any business or organisation, especially post-COVID when people have had to work remotely or from home,” Chin explains. “So, any vandalism or hacking of the public website will mean a big reputation impact or even unavailability of critical services. Secondly, web defacements have evolved beyond the vandalism mode. We have seen many cases when attackers hijacked the scripts in the websites for card skimming, phishing or fraud purposes.”

In other words, web defacement is now more than just a case of digital graffiti.

Take the Malaysia Immigration website, for instance, which was recently victimised by web defacement. The incident did not necessarily expose sensitive data, but it did disrupt the site for over 12 hours. The case of British Airways, on the other hand, was far worse, as hackers utilised web defacement with malicious JavaScript to siphon off over 380,000 credit card details.

A Nuisance Then, a Major Headache Today

A decade or so ago, the biggest implication of web defacement was that it tarnished the online presence of an organisation. But, again, that is not the case anymore as web defacement is now generally just a part of a more serious attack. It is also quite common, according to Chin, whose company, WebOrion, has been monitoring and remediating web defacements since its founding in 2012 in Singapore.

“We see it as a big problem. Over 50,000 websites are being hacked on a daily basis. Many of them could be personal or small- to medium-sized websites, but we have seen government and large corporate sites being hacked as well,” Chin notes. “According to a Verizon Data Breach Report, over 60% of security incidents are from websites and 40% of actual breaches were due to web vulnerabilities.”

Making matters worse is the level of sophistication of today’s attackers, who are, according to Chin, “going beyond script kiddies and becoming highly skilled professional groups serious about stealing data and money from websites.”

To elaborate on the crux of the problem, the WebOrion CEO offers up an easy-to-understand analogy.

“Imagine having a really nice house with a fabulous front door with no lock or security. Robbers can easily go in and out of your nice house, steal things and leave a nice graffiti on your door. That sounds crazy right?” Chin points out. “In today’s digital world, we can have very advanced IT systems and really nice websites, but hackers all over the world will be constantly probing your websites, emails or other attack surfaces to get into your system.”

Protecting and Securing the House

Organisations are doing what they can to protect and secure this really nice house—from putting up firewalls to monitoring and restoration, which Chin says are must-haves in today’s digital world. These efforts, though, might no longer suffice.

“Companies and governments spend millions of dollars installing infrastructure technology to secure the network and data, Firewalls and then systems to monitor that these firewalls are doing their job and stopping malicious behaviour, from both external and internal bad actors,” notes Chin. “However, most companies just install a WAF (web application firewall) and think that they have addressed the problem for their website. This is not the case.”

Even regular pen testing is not nearly enough as it only yields a snapshot of the network’s security. What companies need on top of all that, according to Chin, is to be able to make sure that this WAF is actually doing its job. This is where web defacement monitoring technology comes in.

Web Defacement Monitoring and WebOrion

Website defacement monitoring is as the name suggests—a tool to check instances of web defacement. It alerts an organisation that such an attack has occurred, thereby allowing the aggrieved party to respond accordingly. It is a security tool designed specifically to counter web defacement, and it is being offered by a few companies—including Chin’s WebOrion, which happens to be a pioneer and leader in web defacement technology.

WebOrion, Chin explains, was established to provide next-generation cybersecurity software primarily in Singapore first and, later on, in the entire ASEAN region. But, unlike its contemporaries then, WebOrion looked at the security gaps that antiviruses and firewalls could not address just yet during that time, like distributed denial-of-service (DDoS) attacks, incident response and, yes, web defacements.

Today, WebOrion is helping companies in the region holistically safeguard the confidentiality, integrity and availability of their websites using its new WebOrion stack. This stack is hallmarked by a Protector (web firewall), Monitor and Restorer that, according to Chin, “provides an integrated and comprehensive approach to prevent a website from being hacked and to have a threat monitoring and response to complement the firewall.”

WebOrion Monitor, in particular, can quickly identify any web defacement and, in case of a true incident, maintain the organisation’s web presence and customer engagement. It does so not by simply reverting to a backup, which would still leave the affected website vulnerable to the same vulnerabilities. Instead, WebOrion fixes the problem at its roots, thereby preventing a reoccurrence of the defacement.

An Ongoing Crusade

As the world dives deeper into digitalisation, the cybersecurity landscape will continue to evolve and pose problems for organisations, whether it’s to their networks, websites, or both. This grim reality only underscores the crucial role that WebOrion and its peers in the industry will play in the years ahead.
The onus is now on organisations to make the right cybersecurity investments.