• silicon.com
• Technology
• Security

By Robert Lemos, 7 July 2003 05:49

NEWS Unknown attackers downed the largest recorder of website defacements on Sunday, the same day that vandals had been thought to be planning an online graffiti contest. The attack left the security site Zone-H.org mostly inaccessible until late on the weekend and the effects of the contest largely in dispute. While some 500 internet addresses corresponding to defaced websites were submitted to Zone-H.org, the intermittent accessibility of the site meant that hundreds, if not thousands, more may have not been recorded. "We'll likely know over the next 36 hours," Roberto Preatoni, founder and editor of Zone-H, wrote Sunday during an internet chat with a journalist at silicon.com sister site CNET News.com. Word of the contest spread quickly late last week after news reports and security company Internet Security Systems publicised the event. A website called the Defacers' Challenge urged online vandals to crack into as many websites as possible on Sunday and report the defacements to Zone-H, a neutral third party. While Preatoni expected between 20,000 and 30,000 registrations of hacked sites Sunday, far fewer came in. The lack of response, while apparently due to the trouble that mischief-makers had in contacting Zone-H, could also be an indication that the rash of website attacks was mainly a flop. Zone-H.org is best known for its database archiving the snapshots of websites that have been defaced. The website had to open an alternative page for taking submissions for the contest. Preatoni said he normally sees anywhere between 1,000 and 3,000 website defacements on any given Sunday. Because of the problems encountered by Zone-H.org, the person running the challenge - a person using the handle 'Eleonora(67)' - extended the contest another 24 hours. While chaos apparently stymied defacers' attempt at anarchy, many security researchers criticised the amount of attention the event received in the first place. A group of security sites, including the former defacement archive Attrition.org, lampooned the security industry and several government organisations for taking the contest so seriously. In fake defacements of six websites, titled "I panicked over the Defacement Challenge scare and all I got was this lousy defacement", the experts stressed that attacks happen all the time. Moreover, they added that the contest, which grants the winner a prize of lacklustre 500 MB of storage on the web, would not be taken seriously by the majority of security researchers and hackers. "We are basically saying that you should secure your systems like you always do," said Richard Forno, author, independent security consultant and a participant in the lampoon. "If you are any type of IT or security professional, this shouldn't scare you." Robert Lemos writes for CNET News.com.