The bane of Web Defacement


‘Web Defacement’ sounds like an act of digital vandalism, akin to painting graffiti on a wall, doesn’t it?

It usually involves adding additional content — the defacer's pseudonym or codename, images, a message from the defacer, etc — to a Webpage, or replacing a Webpage with completely new content. Sometimes, however, web defacement involves something darker: inserting malicious code to infect the computers of visitors (e.g through Drive-By-Downloads), making them open to virus attacks and other problems.

In most instances, defacers are pranksters who do it just for fun; while some so-called hacktivsts who use hacking to communicate a politically, socially, or religiously motivated message. Such web defacement can be more damaging than the term ‘defacement’ implies.


Impacting Your Business


Firstly, there is the damage to corporate reputation. A defaced website sends the message that the owner of the Website is unable to secure its systems, and by extension, its data. If the site owner is a business that processes personal data, current and prospective customers will think twice before entrusting sensitive information to it, likely affecting sales.

Secondly, data may have been compromised. Sometimes, a site is defaced as a diversion to cover up more harmful activities such as uploading malware to, deleting important files from, or stealing sensitive information from, the web server.

A data breach can have significant consequences for a business: sensitive data falling into the wrong hands; loss of trust; lawsuits and fines, if investigations show that the business had failed to comply with regulatory requirements; or the CEO getting fired.

Finally, web defacement causes disruption and downtime. Even if the defacement is nothing more serious than cyber-vandalism, time and resources must be devoted to determining the extent of and fixing the problem, and taking steps to prevent it from occurring again.


How to Prevent Web Defacement


A comprehensive solution to web defacement is needed as a counter-measure; detect web defacements quickly and accurately; and restore the integrity of the website in the shortest possible time.

Accomplishing the above means:

  1. Ensuring all your security measures are enabled and up-to-date for both website and web server.
  2. Having a good backup strategy, both in terms of regular scheduled back up your website data as well as have a secure replica in the event of a website hack or defacement. While having a recent backup of your website can facilitate the restoration of your undefaced website quickly, it is to be noted that this same backup has the same security vulnerability that compromised the website in the first place. A secure replica will help to mitigate this risk.
  3. Getting someone to monitor your website regularly. It’s embarrassing to find out, days after the fact, after numerous visitors have seen the defacement, that your website has been defaced. Automate the process by enlisting the help of a service that can monitor your site at regular intervals for defacement and other problems so corrections can be made promptly.


When choosing your partner to implement your anti-web-defacement solution, be sure to check not only the technical competencies of the operator but also how comprehensive the services offered are.

Operators like StarHub use industry-leading systems to proactively monitor your website against unauthorized changes or defacement. The response time for notification in an event of a defacement occurs is within minutes, and can be done through the various messaging channels such as email, SMS etc.

StarHub’s Restoration Service ensures your web presence is automatically and seamlessly restored within seconds, while buying precious time for you to investigate to patch the vulnerability to return operations back to steady-state. The Restoration Service uses patented Secure Replica technology, that effectively prevents a re-defacement attack, due to its unique feature of stripping off the website’s security vulnerabilities, but yet is able to preserve actual look and feel of the original website and its basic functionality. In essence, there is zero downtime and your customers will not be aware that there was a defacement incident.


Follow StarHub Business on Linkedin for the latest business updates.

Cyber Security KeyTrends 2017

Read more about the key trends for 2017 on Cyber Security.

Read more
Cyber Security for the Internet of Everything

Securing your Enterprise in the digital age.

Read more