A software security company has had its own front yard defaced by a hacker, suspected to be a disgruntled employee.
US-based firm eEye had a message posted on its website today entitled, "Would you trust a security company who cannot even secure themselves?"
The missive goes on to rubbish the company for allegedly treating its employees badly, and criticises its products, which include the network sniffer, Spynet.
The chief victim of the hack attack is eEye employee Marc Maiffret, dubbed the Chief Hacking Officer. The cybercriminal wrote: "Would you trust this glorified script kiddie and his band of merry men?"
The eEye website, www.eeye.com, is currently down, but the hack has been logged by Attrition.org, which keeps track of security issues.
Paul Rogers, network security analyst at MIS, said that he suspected the attack was by an unhappy employee, which means it could be internal or external.
"Internal security is weaker than external. The hack could have occurred through him having employee access to the systems."
If the attack is external, the hacker could have exploited a known weakness in the web server. "The latest IIS unicode exploit would allow him to execute commands on the website without any log-in authentication if there is no patch."
Rogers said the hack was "embarrassing" for a security company and brought into question why they have not got the correct procedures and policies in place.
"At the end of the day humans are the weakest link in the chain and you have to rely on trust. Even internal access should be restricted to trusted users, or you can come unstuck."
eEye was unable to respond at the time of publication.
Meanwhile a teenage computer hacker in Hong Kong has been sentenced to a maximum of six months in a detention centre for causing the network of a leading local internet service provider to crash.
19-year-old Choi Kong-lam was convicted of causing criminal damage after staging a string of hacker attacks earlier this year against the networks of the then Cable & Wireless HKT.
Matt Tomlinson, business development director for MIS, said it was "a positive stance by the authorities."
"It is a wake-up call for the US and UK. Corporate thinking here is that individuals are not worth going after."
Separately, Microsoft has had one of its international websites defaced. www.microsoft.si was attacked by a hacker called Furia.br.




