I usually dislike and disagree to people who deface websites to state whatever point they want to prove but this one is really an exception. The defacement happened last October 2009 and was kept silent from the general public. This simply proves the poor state of IT security from supposedly one of the most security-knowledgeable agency in the entire planet. How does this happen you may ask? The security industry itself is filled with pretenders with fancy resumes and certifications who actually know almost next to none when it comes to real-world security threats. Otherwise, how do you explain being compromised with an 8-year old exploit which any newbie hacker can readily do?