United Nations Website Defaced

David Utter
Staff Writer
2007-08-13

Attackers used a SQL injection attack to deface the United Nations web page containing speeches by its Secretary-General, Ban Ki-Moon.

A message criticizing the US and Israel replaced the 'Latest Speeches' box on the now-fixed Secretary-General's page on the UN's website. Instead of links to Ban's latest speeches, this text appeared in the box:

Hacked By kerem125 M0sted and Gsy
That is CyberProtest Hey Ýsrail and Usa
dont kill children and other people
Peace for ever
No war

The Hackademix blog cited the problem as a vulnerability to SQL injection attacks:

If only prepared SQL statements were used properly*, this embarrassing incident would have been easily prevented.

And yes, prepared statements are available even in the very obsolete ASP "Classic" + ADODB Microsoft setup they've got.

A report by the BBC said the named attackers may be from Turkey. Other site defacements perpetrated by the attackers claimed the hackers were of Turkish origin.

About the Author:
David Utter is a business and technology writer for SecurityProNews and WebProNews.

More news_security_news Articles

Security News RSS Feed

Get Your Site Submitted for Free in the World's Largest B2B Directory!

Email Address:
* URL:
*
*Indicates Mandatory Field

Terms & Conditions

iEntry Featured Services: Jayde Member Services | Forums | Freeware | Advertise with Us

Featured On:

article resources

WebProWorld.com

•	Get in-touch with industry experts and leaders
•	Post your site for review by expert and peers
•	Ask Security, IT, Development and Design questions

Free Membership: Join Now!

Visit WebProWorld.com


Titan Quest Forum The #1 Titan Quest forum
Halo 3 Forum The best Halo, Halo 2, Halo 3 forum
Nintendo Wii Nintendo Wii news and views
Mac Software The best in OS X freeware
Graphics Forum Your source for graphic tutorials