This weekend a number of state government websites in Ohio were defaced by a pro-ISIS group calling itself Team System DZ.
Visitors to the sites were greeted with messages supporting the Islamic State terror group, and had the Islamic Call to Prayer played through their computer’s speakers.
As local media reports, affected sites included the official website of Ohio state governor John Kasich, first lady Karen Kasich, the Ohio Department of Rehabilitation and Corrections, the Casino Control Commission, the Office of Health Transformation, and the state Inspector General, amongst others.
“Anti: Govt all word
You will be held accountable Trump, you and all your people for every drop of blood flowing in Muslim countries.
I love the Islamic state”
What’s probably helpful to remember is that just because a website is defaced does not necessarily mean that any sensitive data has been stolen from it. But it does suggest that there has been a security failure – perhaps the administrators of the sites have demonstrated poor password security, perhaps the sites had not been properly patched against vulnerabilities, perhaps sites allowed administrators to log in remotely without proper authentication.
Without more details, it’s hard to predict precisely what has gone wrong.
Right now, it seems the site administrators are keen to get things up and running again. Of course, the most embarrassing thing would be to put a site back live only for it to be rapidly hacked once more – so it’s likely that the IT team responsible will be keen to keep sites in “maintenance mode” until they are confident they have identified the hackers’ entry point and secured vulnerable systems.
One thing we can be certain of: the hackers appear not to be very keen on Donald Trump.
That should have narrowed down the list of suspects nicely.
Found this article interesting? Follow Graham Cluley on Twitter to read more of the exclusive content we post.