classification.gov.au defaced

27 March 2009

The classification.gov.au website was defaced today - doubtless through a vulnerability in the content management system used to maintain the site. The tone and content of the defacement makes it pretty clear that this was not just a random script kiddie:

classification.gov.au
(image mirrored from here)

Given the controversy surrounding Australian censorship and classification bodies in the last while, an attack like this is not surprising. The relevant risk manager should have been aware of the clear spike in hostile intent towards the relevant web properties once negative publicity started. It would be interesting to know whether an independent assessment was commissioned to try to pre-empt this type of PR disaster.

The site was taken offline soon after the compromise became public, and at the time of writing is still down.

Call or email us today to find out more about Nullcube's security solutions
+64 210 718 900
The Nullcube Blog
Subscribe via RSS
Moves are afoot to unify Australian cyber-security policy (07 Apr 09)
Cyber-security is being brought into the portfolio of the Attorney-General's Department, in an effort to unify Australian security policy
more...
classification.gov.au defaced (27 Mar 09)
The classification.gov.au site was defaced today.
more...
There can only be one (24 Mar 09)
The 2009 Pwn2Own browser security contest has come and gone, and there was only one survivor...
more...
The perils of the cloud (20 Mar 09)
The recent security lapse in Google docs is a sign of things to come.
more...
Conficker calls home (03 Mar 09)
The Conficker botnet will be connecting to a set of randomly generated domains during March, including a number of legitimate websites
more...
Copyright © 2009 Nullcube. All Rights Reserved.