ATLANTA—Conditions that prevent recreational hackers from defacing websites do not deter hackers who target sites for political reasons, research from Georgia State University’s Evidence-Based Cybersecurity Research Group (EBCS) has found.
Hackers defaced more than a million websites in 2017. About 30 percent of those defacements are politically motivated, the majority of such hackers appearing to protest social and political injustice and wars.
Using a sample of worldwide websites hacked in 2017, EBCS director David Maimon and his colleagues examined the relationship between a country’s characteristics and the frequency of website defacements reported in Zone-H, a unique online archive in which hackers report their malicious activities. C. Jordan Howell of Georgia State, George W. Burruss of the University of South Florida and Shradha Sahanic of the University of Maryland, College Park, were the study’s co-authors.
Hackers commonly deface websites to protest social and political injustice around the globe, spreading their message to a wider audience. However, recreational hackers are less likely to deface websites in countries with a “capable guardian,” a term researchers use to describe a strong military presence that uses computer emergency response teams as first responders to cyberattacks.
The presence of suitable targets also led to increases in the frequency of website defacements across countries.
“A country’s gross domestic product, commitment to educational attainment and level of freedom are associated with the amount of time spent online and a nation’s internet infrastructure,” Maimon said. “These conditions increase visibility and accessibility, increasing the country’s suitability as a potential target.”
Politically motivated hackers, however, were target-specific and not influenced by a country’s socioeconomic characteristics or internet infrastructure.
“Those hacking for political reasons appear to be driven by their evaluation of a target’s value,” said Howell, the study’s principal investigator. “They were unfazed by the presence of a capable guardian or the other elements a recreational hacker would use to determine suitability.”
“Understanding this connection is important,” Maimon said. “Website defacement, although a relatively simple form of hacking, can have severe consequences for both the hacked websites and the reputation of their owners.”
“In our study, we argued country-level characteristics can be used to predict website defacement victimization,” Howell said. “This week’s defacement of the Federal Depository Library Program’s page, attributed to Iran, is helping prove our assertion to be correct.”
Department of Criminal Justice & Criminology
Evidence-Based Cybersecurity Research Group
David Maimon is an Associate Professor in the department of Criminal Justice and Criminology at Georgia State University. David’s research interests include theories of human behaviors, cyber-enabled and cyber-dependent crimes and experimental research methods. In 2015 he was awarded the “Young Scholar Award” from the “White-Collar Crime Research Consortium of the National White-Collar Crime Center” for his cybercrime research. His current research focuses on computer hacking and the progression of system trespassing events, computer networks vulnerabilities to cyber attacks, and decision-making process in cyber space. He is also conducting research on intellectual property and cyber fraud.
Since being at Georgia State University, Dr. Maimon has created an Evidence-Based Cybersecurity Group where he and his researchers seek to produce empirical evidence and provide systematic reviews of existing empirical research and provide tools in preventing the development and progression of cyber-dependent crimes.