Military-grade Web defacements are rare these days; however, the Australian Army Cadets have found themselves recruiting a different sort of prospect following an embarrassing defacement attack by a hacker group running under the name of "spykids".
It's unknown whether they are either kids, spies or both. The defacement, which occurred on January 9, resulted in the Army Cadets homepage being replaced with a text script repeating the word "spykids" as proof of their attack.
According to information security sources, Spykids are "not a global 'force' to be reckoned with" and are considered more of a nuisance than a tactical hacking operation.
The defacement has not been met with increased security of the Australian Army Cadets Web site because, according to parliamentary secretary Teresa Gambaro, all information featured is classified as public domain.
The Australian Army Cadets Web site is running Windows 2005 on the IIS5 Web server.
Gambaro said moving the site to CadetNet, which is operated by the Department of Defence, will alleviate any security concerns, adding that the breach of the Web site was the first in the three years since it started operating and is not linked to any sensitive defence information.
"The existing Army cadet Web site is hosted externally to the core defence hosting environment and the security of this Web site is not managed by Defence - when the Web site is moved to CadetNet it will be part of the secure defence hosting environment," Gambaro said.
"The Army cadet Web site is hosted outside of the Defence computing environment by the Australian Army Cadets on privately owned hardware and as the Web site is a public site, it contains information that is classified as 'public domain' and Army cadets and cadet staff are advised that any personal information published on the site will be accessible by the general public.
"The incident involved inserting files on the Army cadet Web site rather than accessing information. Naturally any hacking incident is a concern; however, as the Army cadet Web site is hosted outside the Defence classified network, this incident did not compromise the integrity of the Defence Information Environment and moving the Army cadet Web site onto CadetNet will minimize the risk of such incidents recurring."
Director of Network Box Australia, Andrew Tune, said the fact that the site is hosted externally to the Department of Defence has nothing to do with the question of online security.
"Most hacking occurs because people are inattentive to security," Tune said.