An analysis by the Department of Information Technology has come up with a revealing finding: India was the favored destination for Internet hackers in the first half of 2006. The survey was conducted by the Computer Emergency Response Team (Cert-In), which is in charge of handling computer security-related incidents, and has revealed that till June 2006, a total of 1,752 Indian Web sites were defaced, of which 39 were ".gov.in" Web sites. That roughly translates to around 15 percent of the total number of Web sites being hacked belonging to the government or its bodies, while another 81 percent belong to the ".co.in" domain. The survey reflects a startling increase in ".in" domain defacements. Statistically, the first half of 2006 saw 278 ".in" Web sites being defaced. A large number of country code top level domain sites - .co.in, .net.in, .gov.in, .org.in, .nic.in, .ernet.in, .ac.in, and .res.in - were defaced, with the commercial sites accounting for 68.3 percent of the hacked sites, and the Government sector contributing to 27.3 percent of them. On the VSNL network three prominent government sites viz. www.fmc.com, www.railnet.com, and www.ieg.com were defaced. Government officials in the know said that most of the defacements resulted from hackers using pre-fabricated exploits to gain administrative control of the target system, and then replacing Web pages hosted on the system with their own systems. However, on some rare occasions, attackers may not have had an opportunity to gain any user-level privileges on the target server, but were still able to take advantage of poorly written Web scripts or the vulnerability of Web servers to carry out the defacement.