According to a recent report by the Web Application Security Consortium, 24 per cent of website hacks are aimed at defacing a site rather than financial gain. The second most popular motivation was stealing sensitive information, which scored 19 per cent. Others are planting malicious code, scoring 16 per cent, and causing monetary loss, at 13 per cent. Other attacks cause downtime or denial of service for a website, planted viruses and linked spam and information warfare. First, there is need to tighten the web applications and get rid of holes in the software design. Seek professional assistance on this. Also, the single most important step that an organisation can take to increase its site’s security is to create a written security policy. The security policy should lay out the organisation’s policies with regard to who uses the system, when they are allowed to use it, what they are allowed to do, procedures for granting access to the system, system monitoring procedures and protocols.