A few days ago, CNNfn scheduled an interview with me about the recent hacking contest in which hackers worldwide were supposed to compete to see who could deface 6,000 Web sites first or the most Web sites in a six-hour period. The announcement of the contest appeared at http://www.defacers-challenge.com/. On July 7, the morning after the scheduled contest, the cable-news channel canceled, saying the event “had become a non-story.” I actually think it may be one of the biggest stories of the year—a sort of quiet giant.
A mere 300 or so Web sites were defaced during the contest and not one of them was the site of a major player like AOL, CNN, The New York Times, or Yahoo. The challenge to hackers went out earlier in the week, which gave these folks ample time to search for security holes to exploit. They obviously found little to work with.
Apparently all that talk about protecting your infrastructure, Web security, shielding Web servers from denial of service attacks, being good World Wide Web citizens by not letting damaging code spread beyond your own boundaries, and Windows 2000 patch management actually worked! Web developers, managers, system administrators, CEOs, CFO and CIOs had taken the messages to heart.