Skip to main content

Beware of Web defacement attacks targeting Hong Kong

Last Update Date: 2 Oct 2014 21:01 Release Date: 2 Oct 2014 6886 Views

RISK: Extremely High Risk

TYPE: Attacks - Other

TYPE: Other

1. Multiple Hong Kong websites were found defaced. They were injected with the logo and slogan of the attacker claimed to be from "OpHongKong hosted by Anonymous". These websites covered different small private businesses.

 

2. The attacks used security vulnerabilities of the web server or application. 

 

HKCERT issued a press release [/my_url/articles/14100201] on October 2 on the matter.


Impact

  • Data Manipulation

Solutions

1. HKCERT advised the enterprises to follow the following steps immediately to ensure the websites are secure 

  • Patch the web server and web applications with the latest updates 
  • Change all default application passwords 
  • Use strong password or two-step verification 
  • Restrict access and protect web administrator login page 
  • Remove all unused modules and application extensions

 

2. As a good practice user should prepare their web servers better with the following measures 

  • Separate the web and Database servers 
  • Validate user supplied inputs in web applications 
  • Use web application firewall 
  • Perform penetration testing and vulnerability scanning on a regular basis 
  • Consider code scanning for critical applications
  • Perform regular backup

 

If you encounter any security attacks please report to HKCERT (Hotline: 8105 6060).


Vulnerability Identifier

  • No CVE information is available