[SingCERT] Increase in Defacements Affecting Singapore-hosted Websites

Published on Wednesday, 09 August 2017 22:10

Background
SingCERT has observed an increase in defacement activities affecting websites hosted in Singapore in early August 2017. A website defacement is an attack on a website that changes the visual appearance of the site or a webpage. This is usually done by exploiting an unpatched vulnerability.

Affected Versions
The affected websites were hosted on vulnerable versions of Content Management System (CMS) and Operating System (OS) such as PHP/5.4.45 and Microsoft Windows Server 2012 respectively. 

Impact
An unauthorised user can exploit vulnerabilities in unpatched websites to modify its contents resulting in defacements, spam or insertion of malicious contents on the websites.

Recommendations
Website owners and service providers are advised to use patched and updated version of CMS and OS. In addition, they should heighten the monitoring of website/s owned or hosted by them.

Affected parties can contact SingCERT at singcert@csa.gov.sg or the hotline at 6323 5052 for further assistance.

References
http://cybercrime.org.za/website-defacement