Skip to main content

Mocking hacked politicians' sites? Joke could be on you

By Mallory Simon, CNN
The new European Union Web site was hacked, and Spanish PM Jose Zapatero was replaced with Mr. Bean, left.
The new European Union Web site was hacked, and Spanish PM Jose Zapatero was replaced with Mr. Bean, left.
STORY HIGHLIGHTS
  • Hackers replaced photo of Spain PM with Mr. Bean on new European Union site
  • Mahmoud Ahmadinejad's hacked with message asking God to kill Iranian president
  • Security experts say clicking to laugh at hack could leave users vulnerable
  • Expert: Hacking government sites is "21st century form of a street protest"
RELATED TOPICS

(CNN) -- For Spanish Prime Minister Jose Luis Rodriguez Zapatero, it was a global virtual black eye.

Instead of seeing his photo on the new European Union site, launched this week as Spain took over the presidency, visitors were greeted by Rowan Atkinson's comic character of Mr. Bean.

And if you clicked over to Iranian President Mahmoud Ahmadinejad's Web site, you'd see that hackers took him on, too.

The text on his site was replaced with a note remarking on the death of "my favorite singer Michael Jackson" and "my favorite voice Neda," the woman killed last year during protests over Iranian elections. It ended with a request that God smite Ahmadinejad and "my favorite dictator [Ayatollah Ali] Khamenei in 2010."

Millions flocked to mock and clicked to laugh at worldwide leaders -- but security experts say the truth is that the real joke could have been on them.

"The reality is, this is sort of the 21st century form of a street protest, except [hackers] have a global reach, and these leaders are being embarrassed in a very public, global way," said Danny McPherson, chief security officer and security expert at Ann Arbor Networks.

And the embarrassment was ugly. In a technology-age version of residents flooding streets holding signs or drawing glasses on a politician's poster, Facebook and Twitter users joined in and swarmed the Internet, sharing links to the sites and remarking on the hilarity of the two attacks.

But, McPherson said, most of those people probably didn't think about whether they, like the leaders, could have also fallen victim to the hacks.

"It's a pretty ugly proposition from a risk-management perspective," he said. "The site is being compromised, and not only that, but it can be used to compromise anyone visiting the site, which is far worse than any traditional protest."

Although it's unknown whether the sites were hacked merely to send a message or as a goof, McPherson said hackers could just have easily uploaded malware -- malicious software -- that would attack any visitor's computer.

And with the growth of viral Internet videos and pranks, millions of users could easily click on links to the site, especially if it mocks well-known celebrities or leaders and is shared on Facebook or Twitter.

And once the word is out about a site being hacked, McPherson said, the ripple effect could be huge.

"With both of those sites, given the political climate in Iran or the EU president site, either of these could have equally been used to distribute malware for journalists or people going to the sites for very valid reasons," McPherson said.

And hacking of government Web sites, for security intelligence or just for a global joke, isn't as uncommon as you might expect.

The antivirus company Symantec said in 2007 that 80 percent of attacks on Web sites happen in the same way as the attacks on the EU and Ahmadinejad sites: through loopholes that allow hackers to upload scripts to change Web sites.

And in an age of cyber sit-ins, McPherson says, the threat will only grow until companies continuously work to ensure the security of their sites.

Ironically, cybersecurity is one of the issues Zapatero and Spain plan to tackle as part of a digital agenda while it holds the EU presidency.

And now, after the hack on the EU Web site, bloggers and commenters around the world have piled on, saying the task may be hefty for Spain, which couldn't keep its new site safe from a cyberattack for a week.