Web defacements 2007 in sharp decrease (-37%). Is it a good news or bad news?21/03/2008 Written by Roberto Preatoni
We recently published the 2007 statistics based on the data collected by Zone-H. One of the most interesting fact is the sharp decrease (-37%) of the attacks compared to the attacks reported the previous year. In fact, while in year 2006 we filed 752,361 attacks, in year 2007 the reported attacks were “only” 480,905. Since the end of the 90s, when the first mirror archives (Alldas, Safemode, Attrition) started to track website defacements, this is the first time ever that the trend is showing a negative figure.
Usually from year to year, we were used to see an average increment of about 30% (in year 2005 the reported attacks were 493,840).
Is this a good news or a bad news? Certainly website defacements are loosing popularity. A few years ago a Microsoft defacement would have hit the news, today there’s no more hype among journalists in reporting such fact. We just got used to it, period.
The interesting question is: if the Internet user-base is getting larger and larger and if the systems are getting weaker and weaker, why the website defacements are decreasing by strong figures?
We do have an answer and to explain it to you we have to go back with our memories in year 2005…
At that time and before, website defacement was mainly a Brazilian business where hundreds of Brazilian crackers groups were causing havoc to the web. They were all coordinating between each other using the most famous Brazilian IRC network, called Brasnet. One day in year 2005, the Brazilian police seized the logs of the conversations between the Brazilian defacers and started to distribute punishments to some of them. The reaction was quite immediate: most of the crews quit their own IRC Brasnet channels, some of them decided to quit defacing and some of them moved to different servers, trying to look for “secrecy” on private IRC servers.
Regardless, the path was already traced, defacing was maybe something funny to do for Brazilians but more interesting activities were profiling at the horizon, such scamming, phishing, carding and banking. From hacking for fun, soon the Brazilians efforts were targeted to hacking for money. So much that today, there is no more activity in regards of defacements coming from Brazil. Sure, the Turks inherited the defacing business from Brazilians, nowadays most of the website defaces are coming from the land of Ata Turk.
Our prediction? Within 2 years Turks will follow the road already known to Brazilians, which incidentally was always known to Russians. Defacing will become less popular not because of strong controls from the police authorities, or better overall security but just because in the digital era crackers find more convenient to take the risk of hacking for money than taking the risk of hacking for fame. Soon, defacing will become mostly a political business (we are waiting for the Chinese protesters) and the asymmetric way of fighting between Muslims and the Christianity.
Mark our words.