ISIS Hackers Deface American Businesses
Several websites from California to Somerville, Massachusetts have recently been hacked in the classic way, their contents being replaced by a message from the attacker, in this case the militant Islamic State group currently engaged in civil war in the middle east.
The attacks, which included restaurants on the east coast, businesses on the west coast, and the Indianapolis Downtown Artists and Dealers Association (which was still down at time of writing), were not limited to the United States. Additionally, the Pittsburgh marketing firm Eyeflow went down and in a similar attack, a rape crisis center in Ireland was defaced with the same message:
“Hacked by Islamic State (ISIS). We are everywhere.”
Speaking to Wane.com, Eyeflow CEO Phil Laboon said, “This is the first time it’s hitting home, like ‘wow ISIS can get their tentacles over here.'” In a press release, the IDADA said,
“We just seem to have been hit as randomly as the next organization. The private information of our members was not compromised, so we do not feel our members should have any reason for concern there.”
Attacks Appear Random
The impetus for the attacks appears to be pure opportunism. Whatever security vulnerability these attackers learned to exploit, they clearly found it on multiple servers worldwide. This can be concluded because none of the websites attacked appear to have any connection to each other.
“They search for vulnerabilities within websites and once they find a specific vulnerability they’re looking for, then they go after that site. So being that it’s five different states, it’s pretty random,” said Homeland Security official Gary Coons.
Digital ISIS So Far Not As Dangerous As Real ISIS
It is important, for the purpose journalistic integrity, to specify that these attacks could very well be random hackers from anywhere having fun and using the flag of ISIS as a deflection tactic. The movement for a new Caliphate gained very little besides publicity in these attacks though potentially the whole operation concealed more serious financial or political hacking that was going on simultaneously.
Given that the investigation into the attacks has only just begun, hard facts have yet to surface besides that the attacker proclaimed to be representatives of ISIS. The sophistication of the attackers could have been very high or could have been very low. This type of attack is one step above a Distributed Denial of Service. Most sites have regular back-ups happening, so in the event that they lose their files in a randomized access attack, they can simply re-upload the contents of the site once access has been restored.
The sophistication of government agencies in determining the origins of attacks like these has increased in recent years. One would assume that if the attackers actually are based in the Middle East, working with ISIS, then they will most likely never be brought to justice under the Computer Fraud and Abuse Act or any other western statute. But if that part of hack turns out to be false, the attackers will likely uncovered in the FBI’s investigation.