Around 300 websites are understood to have been affected yesterday / today after a group going by
the name of 'Security Corp' compromised a virtual server belonging to
NetWeaver
limited. This is the second high profile mass defacement of NetWeaver sites in as many months.
[Previously reported by
Rootsecure.net on the 10th of May "856 NetWeaver
sites defaced"]
NetWeaver initially responded by issuing the following statement:
| --- |
Sat, 14th June 2003
Despite tight security on the 'new' mocha server; there has been a
compromise today to the system. Although security was tightended
considerbly lately; we, like anyone, are unable to stop a determined
hacker |
Ignoring the spelling errors, NetWeaver appear to be admitting that they
are unable to properly secure their servers. The obvious question is
therefore why not. Most other web hosts of which there must be many
hundreds seem to be able to - if they did not then they would soon go out
of business.
It is certainly true that no system is or can be 100% secure, but
security is a relative concept. NetWeaver are not up against a hostile
nation with all the resources that come with it attacking their server, but
most likely group of individuals motivated by nothing more than pride who
are "hacking" in their spare time.
Back to today, and another statement is released, (this time with only one spelling error)
again offering little reassurance to
any of their 300 loyally paying customers who now have to one again
re-upload their index.htm files:
| --- |
Sun, 15th June 2003
Sustained attack
It is apprearing that the attack on our network from Saturday is
ongoing, with other parts of our server network today being attacked |
At the time of publication - 11pm GMT, all affected sites still displayed
the defacement message left by 'Security Corp'.
|