That's how they get hacked

Sep 10, 2007 07:59 GMT

Hackers are always probing the net to see which users are vulnerable and which sites have flaws that they can exploit. Of course, it's a good thing to deploy security measures on your website, but it's imperative to use them if you are the army. You can't just play around like that, I mean, represent the armed forces of a country, store a lot of data online and not have great security measures for your site. That's just plain stupid. But apparently, that's the way it goes in Europe.

A certain country's army website has been disclosed as vulnerable. It wasn't properly defended against attacks, and hackers could get a lot of data if they wanted to. Sunbelt warned them about this flaw, but 6 weeks later, they still had done nothing about it. And do note that Sunbelt is a great security company - you probably remember them from the recent Bank of India incident. They had traced the hackers to the Russian Business Network.

In any case, as I've seen on eWeek, at the time they discovered it, the URL displayed a security screw-up - putting production code and a back-end database into the hands of anyone that comes by. It certainly sucks to be the Army and do something like this. All it takes is a little knowledge about framing a SQL query, and the result will basically tell the hacker what other vulnerabilities the site has. With that data at their disposal, hackers can easily take down the site. But the worst thing isn't that their site had a flaw, as nothing on the web is perfect, but not giving a damn about such a security problem, even after being warned - well, that is severe! So, if you see a site getting hacked, don't ask yourself how smart the aggressor was, but how much the web designers slacked when enforcing security!