Establishing Digital Trust: Don't Sacrifice Security for Convenience
Unidentified hackers recently hijacked the Web site for the International Council of Electronic Commerce Consultants (EC-Council) and redirected visitors to a defacement page hosted at an ISP in Finland (h/t Ars Technica).
The EC-Council is best known for offering the Certified Ethical Hacker certification.
On the defacement page, the hacker or hackers wrote, "Defaced again? Yep, good job reusing your passwords morons," and posted a photo of Edward Snowden's U.S. passport.
"EC-Council's Security Team has confirmed no access to any EC-Council servers was obtained, the domain redirection was done at the DNS Registrar and traffic was re-routed from Authentic EC-Council Servers to a Host in Finland known for hosting other illegal Web sites," the organization stated in a Facebook post. "EC-Council immediately began exercises in security precaution to fortify against any further attempts. EC-Council immediately opened cases with the United States FBI as well as international Law Enforcement to apprehend this individual and launched a full analysis of third party vendors where the security breach was allowed."
Although the organization's servers weren't affected, the EC-Council says the redirection remained in place all day on February 23, 2014 and into the morning of February 24, 2014.