May 09, 2003

Vulnerability? us? No, it's a honeypot, stupid!

What happens when the market leader in Intrusion Detection finds its website defaced? Well, the first thing that normally happens is that the owners of the website admit that their security practices have been lax and apologise, looking red-faced for a few days.

Not so in this latest event: with an amount of lateral thinking worthy of Edward De Bono they claimed that the website was nothing other than a honeypot.

But of course! How could we ever possibly have thought otherwise?

History is not on the side of these claims. A rather well-respected security training organisation had their website defaced and the reaction was along the lines of "Oh dear, that is really rather embarrassing", followed by a complete redesign of the website.

Why had it happened? Simply because the website had been allowed to grow well beyond its initial remit without a suitable security review. The reasons for this are to be found in the usual enemies of security: time and personnel.

What should have been learned from this incident? Well, the key lesson is one of humility. It does occasionally happen that even the very best amongst us make mistakes. Admitting them is a show of strength but of course this is often too much to ask from companies driven by their marketing departments.

So what will happen next? All the competitors will happily mention this event to their customers, the company will continue claiming that it was a particularly smart honeypot design and life will go on. The only loser: the security industry, yet another blow to its already feeble credibility.

For those interested in seeing defacements there is an archive of the sorry-looking site.

Posted by arrigo at May 9, 2003 09:48 AM