In January, following the attacks in the Paris region, numerous web defacement attacks had been found. These cybervandalisme operations were claimed by supporters of radical Islamists, including the Islamic State (Daesh).
“The vast majority of these attacks are websites disfigurements ( or defacement), or denial of service (DDoS) attacks that exploit vulnerable sites security vulnerabilities “said then the Anssi.
Targets chosen for their use WordPress
Of course, the FBI noted, these “défacements reflect a low level of sophistication” but nevertheless proves expensive because of business losses and expenses they generate to repair infected systems.
As for the victims of these intrusions, they are very diverse. And for good reason since attackers are targeting the owners of the sites under the technical platform of the latter. The victims have something in common. Using vulnerable WordPress plugins
Hackers not members of Daesh
“The FBI estimates that the authors are not members of the terrorist organization Islamic State. These individuals are hackers exploiting relatively simple methods to exploit technical vulnerabilities and use the ISIS name to gain more knowledge that undercutting would otherwise have collected. “
This was already the analysis published by ZDNet January. “We have not seen any eccentricity or coordination in the attacks, or well equipped denial of service” confided Loïc Guézo, security expert at Trend Micro. “The result is mostly visual, it is a desire to communicate” by défacements.
As for the profile of the attackers, he was “rather the people with basic skills, direction of the management of the PC and some tools “he added. They would be similar as well to” script kiddies “, rather than seasoned hackers.
No comments:
Post a Comment