← All threats
HIGH
Website Defacement Campaign
Ongoing pattern of website defacements where attackers replace site content to push a political or trophy message. Implies the targeted CMS / web tier has unpatched vulnerabilities, weak admin credentials, or missing WAF.
Ongoing pattern of website defacements where attackers replace site content to push a political or trophy message. Implies the targeted CMS / web tier has unpatched vulnerabilities, weak admin credentials, or missing WAF.
MITRE ATT&CK
Tactics, Techniques & Procedures
TA0040 Impact
tactic
Defensive mapping
Mapped controls
The audit will verify each of these controls is in place and effective.
| Control | Confidence | Why it matters |
|---|---|---|
| Web application firewall suggested | 75% | Recommended control for defacement |
| CMS patching and updates suggested | 75% | Recommended control for defacement |
| Input validation and output encoding suggested | 75% | Recommended control for defacement |
| File integrity monitoring suggested | 75% | Recommended control for defacement |
| Geo-blocking on the web tier suggested | 75% | Recommended control for defacement |
| Backup and rapid restore suggested | 75% | Recommended control for defacement |