
Is it sufficient that the legislator provides “Appropriate levels of security” to make italian Public Administration’s websites safe?
Apparently not, since only in 2015 hundreds of Internet pages belonging to public bodies have been violated.
According to data gathered on zone-h.org, emerges a very worrying situation.
Schools
280 defacement events on 278 domain names
Hacked OS: 204 Linux, 41 MS Windows, 33 others
Cities
Out of 8,050 websites examined, we found 92 defacement events on 85 domain names.
Web Servers: 4,770 Apache, 2,620 IIS, 362 Nginx, 298 others.
Hacked OS: 54 Linux, 26 MS Windows, 3 FreeBSD, 2 others.
Provinces
Out of 110 websites examined, we found 28 defacement events on 17 domain names.
Web Servers: 69 Apache, 27 IIS, 5 Nginx, 9 others.
Hacked OS: 12 Linux, 3 MS Windows, 2 others.
Regions
Out of 20 websites examined, we found 1 defacement event.
Web Servers: 12 Apache, 4 IIS, 0 Nginx, 4 others.
Hacked OS: 1 Linux
Government
2 defacement events on 2 domain names.
Hacked OS: 2 Linux
Also read my previous article: Italian Public Administration web sites (in)security: 2014 report