Re: [ISN] Defacements/Server Compromise, Some Companies Simply Don't Care

From: InfoSec News (isnat_private)
Date: Fri Dec 28 2001 - 20:15:47 PST

  • Next message: InfoSec News: "[ISN] Microsoft's Early Xmas Present."

    Forwarded from: Robert G. Ferrell <rferrellat_private>
    At 01:18 AM 12/28/01 -0600, you wrote:
    > Do the companies care? Evidently not. How many website defacement
    > "crackers" have you seen convicted lately? Although I understand
    > that Law Enforcement cannot prosecute all of the cases that could
    > be presented in relation to defacement, they could in fact compile
    > statistics relative to the M.O. of the cracker. This job is
    > currently done by civilians! Personal web sites are devoted to the
    > statistical analysis of web site defacements, where the
    > information generated is done so by civilians. If in retrospect,
    > this was done by a civilian, in relation to say arson, would we
    > not have cause for concern?
    While I can't comment any further, let me say that I'm involved at the
    moment in several investigations of defacements of U.S. government web
    sites, at least one of which has already resulted in a plea of guilty.  
    They just don't always make the news.
    I would also like to add that just because you haven't heard of any
    databases of defacement statistics being compiled by law enforcement
    doesn't mean they don't exist...
    Robert G. Ferrell
    ISN is currently hosted by
    To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY
    of the mail.

    This archive was generated by hypermail 2b30 : Sat Dec 29 2001 - 01:14:22 PST