Over 800 school websites across the United States were hacked by a pro-ISIS hacking group, possibly gathering up as much information as they could last Monday!
The widespread hack lasted two hours, in which visitors were redirected to a YouTube propaganda video featuring Arabic audio, the text, “I love Islamic State (ISIS)” and images of former Iraqi dictator Saddam Hussein.
The FBI is investigating the source of a hack and is currently looking into the incident.
Authorities claim all affected websites are hosted by the company School Desk.
Technicians discovered a small file placed into the root of one of the company’s websites, which caused the re-direction.
Pro-ISIS hacking group, Team System DZ, has taken responsibility for the hack.
Meanwhile, many of the schools have increased police presence on campus following the incident.
“Unless we have irrefutable evidence to suggest otherwise, we need to assume confidential data has been compromised,” Hamid Karimi, vice president of business development and the security expert at Beyond Security. “That should be a cause for concern. To remedy the situation, all schools and institutions that serve minors must submit to (a) stricter set of cybersecurity rules.”
The breached school websites, which spanned nationwide from New Jersey to Arizona and Virginia to Connecticut, are all powered by a company called SchoolDesk. The company since has handed over its server — which runs out of Georgia — to the FBI for investigation and also has hired external security firms to trace the hackers. The Atlanta-based company said after the hack that technicians detected that a small file had been injected into the root of one of its websites.
“The websites were redirected to an iframed YouTube video. No data was lost or altered in any way. Because we’re currently working with the FBI in an active investigation of this incident, as well as forensic team from Microsoft, we cannot yet discuss any technical details or exact methods of access to SchoolDesk’s network or software,” a spokesperson for SchoolDesk told Fox News.
The company has insisted that no personal or student information was exposed, but some security experts say the matter should be closely monitored, especially as minors are involved.
“In most hacks, organizations do not have full visibility into what happened or what information was compromised,” surmised Eric Cole, who served as commissioner on cyber security for President Barack Obama, and was formally a senior vice president at MacAfee and the chief scientist at Lockheed Martin. “In almost every breach, what is initially reported is usually extremely conservative and over the weeks following a breach, it is always worse than what was originally reported.”
The proud culprits of the hack? A shadowy pro-ISIS hacktivist outfit known as “Team System DZ.”
Over the last three years, the same group has hacked thousands of websites across the world.
They have hacked several U.S. government sites including the Washington State Department of Health, the Ohio Department of Administrative Services and the Howard County, Maryland government site.
The sites were replaced with a black screen, Islamic calligraphy, the Call to Prayer and the words: “You will be held accountable, Trump, you and all your people every drop of blood flowing in Muslim countries.”
The US has not been the only target. A Canadian police station also was targeted last week, and the city council in Aberdeen, Scotland, and even a local West Yorkshire, England rugby team have been apprehended in the past.
“The wide range of targets all had one common characteristic: they had weak network and web protection,” Karimi pointed out. “It appears that Team DZ was acting opportunistically as opposed to surgically.”
Cyber forensic data has initially indicated that the attacks waged by the group initially came from Algeria, also indicated by the use of the “DZ,” which is the country’s internet domain code.
“What they typically do is cyber-graffiti, they are attempting to spread propaganda on behalf of ISIS to garner support,” noted Dan McNemar, director of threat intelligence at Binary Defense Systems. “A number of pro-ISIS groups have come and gone, Team DZ has certainly been around the longest.”
The question remains, what data, if any, did the group make out with. Many school websites have directory information. They also have scheduled activities, although that information is generally public.
The internet is a wonderful thing, but it has it’s huge negatives as well.
Sign up to get alerts from Joe!