"Redirecting surfers to a website under hacker control is rather more serious, because this sort of thing can easily be used to spread malware."
I don't see how "merely" defacing a website is "rather less serious" in terms of risk, considering once one has the ability to upload his own index.html, there's nothing preventing one to also attach some malware to it, whether that too gets uploaded the same way or hosted somewhere else.