Web defacements 2007 in sharp decrease (-37%). Is it a good news or bad news?

21/03/2008 Written by Roberto Preatoni

decrease_300We recently pub­lished the 2007 sta­tis­tics based on the data col­lected by Zone-​H. One of the most inter­est­ing fact is the sharp decrease (-37%) of the attacks com­pared to the attacks reported the pre­vi­ous year. In fact, while in year 2006 we filed 752,361 attacks, in year 2007 the reported attacks were “only” 480,905. Since the end of the 90s, when the first mir­ror archives (All­das, Safemode, Attri­tion) started to track web­site deface­ments, this is the first time ever that the trend is show­ing a neg­a­tive figure.

Usu­ally from year to year, we were used to see an aver­age incre­ment of about 30% (in year 2005 the reported attacks were 493,840).

Is this a good news or a bad news? Cer­tainly web­site deface­ments are loos­ing pop­u­lar­ity. A few years ago a Microsoft deface­ment would have hit the news, today there’s no more hype among jour­nal­ists in report­ing such fact. We just got used to it, period.
The inter­est­ing ques­tion is: if the Inter­net user-​base is get­ting larger and larger and if the sys­tems are get­ting weaker and weaker, why the web­site deface­ments are decreas­ing by strong figures?

We do have an answer and to explain it to you we have to go back with our mem­o­ries in year 2005…

At that time and before, web­site deface­ment was mainly a Brazil­ian busi­ness where hun­dreds of Brazil­ian crack­ers groups were caus­ing havoc to the web. They were all coor­di­nat­ing between each other using the most famous Brazil­ian IRC net­work, called Bras­net. One day in year 2005, the Brazil­ian police seized the logs of the con­ver­sa­tions between the Brazil­ian defac­ers and started to dis­trib­ute pun­ish­ments to some of them. The reac­tion was quite imme­di­ate: most of the crews quit their own IRC Bras­net chan­nels, some of them decided to quit defac­ing and some of them moved to dif­fer­ent servers, try­ing to look for “secrecy” on pri­vate IRC servers.

Regard­less, the path was already traced, defac­ing was maybe some­thing funny to do for Brazil­ians but more inter­est­ing activ­i­ties were pro­fil­ing at the hori­zon, such scam­ming, phish­ing, card­ing and bank­ing. From hack­ing for fun, soon the Brazil­ians efforts were tar­geted to hack­ing for money. So much that today, there is no more activ­ity in regards of deface­ments com­ing from Brazil. Sure, the Turks inher­ited the defac­ing busi­ness from Brazil­ians, nowa­days most of the web­site defaces are com­ing from the land of Ata Turk.

Our pre­dic­tion? Within 2 years Turks will fol­low the road already known to Brazil­ians, which inci­den­tally was always known to Rus­sians. Defac­ing will become less pop­u­lar not because of strong con­trols from the police author­i­ties, or bet­ter over­all secu­rity but just because in the dig­i­tal era crack­ers find more con­ve­nient to take the risk of hack­ing for money than tak­ing the risk of hack­ing for fame. Soon, defac­ing will become mostly a polit­i­cal busi­ness (we are wait­ing for the Chi­nese pro­test­ers) and the asym­met­ric way of fight­ing between Mus­lims and the Christianity.

Mark our words.

Share this content: