Pro-ISIS hackers deface Ohio government websites

Anti-Trump statements posed on state government websites, including Governor John Kasich.

Pro-ISIS hackers deface Ohio government websites

This weekend a number of state government websites in Ohio were defaced by a pro-ISIS group calling itself Team System DZ.

Visitors to the sites were greeted with messages supporting the Islamic State terror group, and had the Islamic Call to Prayer played through their computer's speakers.

As local media reports, affected sites included the official website of Ohio state governor John Kasich, first lady Karen Kasich, the Ohio Department of Rehabilitation and Corrections, the Casino Control Commission, the Office of Health Transformation, and the state Inspector General, amongst others.

Defaced governor's website

"Anti: Govt all word
You will be held accountable Trump, you and all your people for every drop of blood flowing in Muslim countries.
I love the Islamic state"

What's probably helpful to remember is that just because a website is defaced does not necessarily mean that any sensitive data has been stolen from it. But it does suggest that there has been a security failure - perhaps the administrators of the sites have demonstrated poor password security, perhaps the sites had not been properly patched against vulnerabilities, perhaps sites allowed administrators to log in remotely without proper authentication.

Without more details, it's hard to predict precisely what has gone wrong.

Right now, it seems the site administrators are keen to get things up and running again. Of course, the most embarrassing thing would be to put a site back live only for it to be rapidly hacked once more - so it's likely that the IT team responsible will be keen to keep sites in "maintenance mode" until they are confident they have identified the hackers' entry point and secured vulnerable systems.

Defaced site under maintenance

One thing we can be certain of: the hackers appear not to be very keen on Donald Trump.

That should have narrowed down the list of suspects nicely.

Tags: , , ,

Smashing Security podcast
Check out "Smashing Security", the new weekly audio podcast, with Graham Cluley, Carole Theriault, and special guests from the world of information security.

"Three people having fun in an industry often focused on bad news" • "It's brilliant!" • "The Top Gear of computer security"

Latest episode:

, , ,

3 Responses

  1. drsolly

    June 26, 2017 at 2:01 pm #

    Someone uploaded a couple of files to me. One was an exe file (which I couldn't run even if I wanted to because linux can't run Windows files) and the other was a JPG which announced "You've been hacked".

    Not even a good try.

    And there's a steady stream of emails with attachments; I don't know what would happen if I clicked on them, but I'm guessing it wouldn't be good.

    A fairly clueful person I know; his wife just downloaded a free cloud storage thing from somewhere in China, and that turned out to be malware.

    Wouldn't it be great if someone wrote a program that prevented malware from acting.

    • YourFilesareLocked in reply to drsolly.

      June 27, 2017 at 4:33 pm #

      There is a program , it's called common sense and if used properly it works wonderfully … don't open stuff from people you don't know or offers that sound to good …… unfortunately the processor that it runs on is glitchy and has memory leaks ….

  2. Michael Ponzani

    June 27, 2017 at 3:28 pm #

    This really concerns the Snapchat article. Since I have to log in with all the CIA sponsored social media sites, I'll speak my mind here. "We have nothing to say, nothing to do. (?)" The users of this deserve to lose all their privacy. Mindless twaddle.

Leave a Reply