April 9, 2020

Playbook for website defacement

By venkat

Description

Website defacement by adversaries is very common type of attack.

Playbook

Mitigation

The mitigation depends on the kind of deployment capabilities you have.
A maintenance page is key to communicate you are down and are putting in all efforts to get back soon.
Ensure the intruder is blocked and restore the latest possible backup.

For SQL injection please refer https://playbooks.flexibleir.com/playbook-for-sql-injection/

References

https://www.trendmicro.com/vinfo/gb/security/news/cyber-attacks/web-defacements-exploring-the-methods-of-hacktivists

Cloud

The following considerations could help.

Consider usage of AWS WAF [1]

Tagswebsite defacement

About The Author

venkat

Venkat is founder of FlexibleIR. He brings 20 years of experience in building tools and products at Sun Microsystems, Intel, Novell, HP, Yahoo,Tesco and startups. He has developed test suites and frameworks for post silicon validation of the Xeon processor family (Fuzzing). He has worked deeply on UFS files system at SUN Microsystem. Was a security paranoid at Yahoo.