Re: Defacements/Server Compromise, Some Companies Simply Don't Care

[InfoSec News <isn () c4i org>]

Forwarded from: Robert G. Ferrell <rferrell () texas net>

At 01:18 AM 12/28/01 -0600, you wrote:
> Do the companies care? Evidently not. How many website defacement
> "crackers" have you seen convicted lately? Although I understand
> that Law Enforcement cannot prosecute all of the cases that could
> be presented in relation to defacement, they could in fact compile
> statistics relative to the M.O. of the cracker. This job is
> currently done by civilians! Personal web sites are devoted to the
> statistical analysis of web site defacements, where the
> information generated is done so by civilians. If in retrospect,
> this was done by a civilian, in relation to say arson, would we
> not have cause for concern?

While I can't comment any further, let me say that I'm involved at the
moment in several investigations of defacements of U.S. government web
sites, at least one of which has already resulted in a plea of guilty.  
They just don't always make the news.

I would also like to add that just because you haven't heard of any
databases of defacement statistics being compiled by law enforcement
doesn't mean they don't exist...

;-)

Cheers,

RGF

Robert G. Ferrell
rferrell () texas net
http://rferrell.home.texas.net/rgflit.html 



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn' in the BODY
of the mail.