Security control for website defacement

Abstract

Cyber-attacks to websites are increasing steadily affecting the integrity and availability of information, so the implementation of safeguards to mitigate or reduce to acceptable levels the risks generated are necessary. Computer incidents produce economic and reputational impacts to different organizations. It has identified an increase in computer attacks on different organizations where one of them, and highly reputational impact, is the “Defacement” attack, which consists of unauthorized modification or alteration to the web sites, affecting the integrity of information. The result of this article proposes the development of a model for establishing a security control to perform the containment and reporting of this attack type, which currently have focused on the websites of the government entities. The development model allows online control the attack on Web sites by constant reading of certain parts of the source code making the detection and maintenance of the integrity of information. Los ataques cibernéticos a sitios web constantemente afectan la integridad y disponibilidad de la información, esto hace necesaria la implementación de salvaguardas capaces de mitigar o reducir a niveles aceptables los riesgos generados. Los incidentes informáticos producen impactos económicos y de reputación para diferentes organizaciones. Se ha identificado un aumento en los ataques informáticos en diferentes organizaciones, uno de ellos con impacto altamente reputacional, el ataque defacement, que consiste en la modificación no autorizada o alteración de los sitios web, lo cual afecta la integridad de la información.