Many of the cybervandalism attacks reported in Australia appear to stem from individuals or groups based in Turkey, a report has found.

The documented attacks were typically only surface-level intrusions, but such breaches were often a pre-cursor to more insidious penetrations of networks, according to Ken Low from network security group TippingPoint, which conducted the survey.

The report said Australian Web domains were defaced in 20,133 instances in the eight years to May 2007, and 82 percent involved sites with the com.au registration.

"These are attacks that are fairly obvious," Low said.

"When you see that a Web site's down, it means that they would have penetrated your perimeter defences -- it's just a symptom of a larger problem."

Of the top 10 hackers responsible for attacks on Australian sites, most appeared to have Turkish origins.

A hacker using the alias Iskorpitx was the most prolific attacker in the eight-year period, linked to 841 incidents.

Hackbsd Crew, apparently from the Dominican Republic, was second with 449 attacks, and the Kurdish Hackers Clan was third with 398.

At least six vandals had left writings in Turkish or relating to Turkey.

They included Thehacker, eno7, SpyGrup.Org, Sabo Taqe and LORD.

In the past three days, groups called TurkHacks.com, uLTRaTurK and 1923Turk claimed responsibility for attacks on many Australian sites.

Often the hackers simply added pages or messages that let viewers know they had broken into the network, while others left messages of a religious or political nature.

Australia was third on a list of 10 countries in terms of the ratio of cybervandalism attacks to market size, the report said.

The United Kingdom attracted the highest attack ratio, with one attack for every 479 internet users. New Zealand was second with one hack per 638 users, followed by Australia with one per 732 users.

Australian domains had a higher attack rate than seven of the country's Asian neighbours, which included Singapore, Taiwan, Korea, Hong Kong, China, India and Japan.

Low said politics figured in many intrusions.

"As Australia engages the world and has different international policies, some of these policies could be controversial and result in a backlash," he said.

However, such attacks were rarely directed at Australian sites exclusively, with similar messages left on sites on domains all over the world.

Iskorpitx is believed to be one of the world's most prolific vandals, responsible for an estimated 190,000 attacks.

It is believed that the vast bulk of hacks are more discreet and employ malicious code to penetrate PCs and networks usually for financial gain, but those cases are less well reported.

Like urban graffiti artists, cybervandals often boast about their hacks and post their results on sites such as zone-h.org, which closely monitors online crime.

But Rob Lowe from the Australian Computer Emergency Response Team (AusCERT) said vandalism was really only a small part of the growing problem of global cybercrime.

Financial gain through activities such as spam and phishing scams, not notoriety, was becoming the main game.

"The people who want to do something serious typically don't want to tip off the administrators of that website that they had this in mind or that they had actually compromised the Web site," he said.