Pro-ISIS hackers deface Ohio government websites

Graham Cluley

Pro-ISIS hackers deface Ohio government websites

Pro-ISIS hackers deface Ohio government websites

This weekend a number of state government websites in Ohio were defaced by a pro-ISIS group calling itself Team System DZ.

Visitors to the sites were greeted with messages supporting the Islamic State terror group, and had the Islamic Call to Prayer played through their computer’s speakers.

As local media reports, affected sites included the official website of Ohio state governor John Kasich, first lady Karen Kasich, the Ohio Department of Rehabilitation and Corrections, the Casino Control Commission, the Office of Health Transformation, and the state Inspector General, amongst others.

Defaced governor's website

“Anti: Govt all word
You will be held accountable Trump, you and all your people for every drop of blood flowing in Muslim countries.
I love the Islamic state”

What’s probably helpful to remember is that just because a website is defaced does not necessarily mean that any sensitive data has been stolen from it. But it does suggest that there has been a security failure – perhaps the administrators of the sites have demonstrated poor password security, perhaps the sites had not been properly patched against vulnerabilities, perhaps sites allowed administrators to log in remotely without proper authentication.

Without more details, it’s hard to predict precisely what has gone wrong.

Right now, it seems the site administrators are keen to get things up and running again. Of course, the most embarrassing thing would be to put a site back live only for it to be rapidly hacked once more – so it’s likely that the IT team responsible will be keen to keep sites in “maintenance mode” until they are confident they have identified the hackers’ entry point and secured vulnerable systems.

Defaced site under maintenance

One thing we can be certain of: the hackers appear not to be very keen on Donald Trump.

That should have narrowed down the list of suspects nicely.

Graham Cluley Graham Cluley is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent security analyst, he regularly makes media appearances and is an international public speaker on the topic of computer security, hackers, and online privacy. Follow him on Twitter at @gcluley, or drop him an email.

3 Replies to “Pro-ISIS hackers deface Ohio government websites”

  1. Someone uploaded a couple of files to me. One was an exe file (which I couldn't run even if I wanted to because linux can't run Windows files) and the other was a JPG which announced "You've been hacked".

    Not even a good try.

    And there's a steady stream of emails with attachments; I don't know what would happen if I clicked on them, but I'm guessing it wouldn't be good.

    A fairly clueful person I know; his wife just downloaded a free cloud storage thing from somewhere in China, and that turned out to be malware.

    Wouldn't it be great if someone wrote a program that prevented malware from acting.

    1. There is a program , it's called common sense and if used properly it works wonderfully … don't open stuff from people you don't know or offers that sound to good …… unfortunately the processor that it runs on is glitchy and has memory leaks ….

  2. This really concerns the Snapchat article. Since I have to log in with all the CIA sponsored social media sites, I'll speak my mind here. "We have nothing to say, nothing to do. (?)" The users of this deserve to lose all their privacy. Mindless twaddle.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Never miss a thing. Sign up for the free GCHQ newsletter from Graham Cluley.
GET UPDATES