Cyber Incident Victim: Lamont Christian Reformed Church
Date:
Apr 2016
Location:
United States of America
Summary
The website of Lamont Christian Reformed Church was compromised by pro-ISIS hackers known as the United Cyber Caliphate, who replaced its content with a threatening jihadist video and Arabic text. The defacement featured a historic ISIS recruitment video containing explicit threats of violence and religious conquest by spokesperson Abu Muhammad al-Adnani al-Shami. A teenager discovered the breach while searching for the church's contact information. The hosting provider restored the site within a day, but subsequent attendance at services dropped significantly to only six individuals. Federal authorities, including the FBI, investigated the incident amid broader concerns about ISIS-affiliated cyber activities targeting religious institutions.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
On April 22, 2016, the website of Lamont Christian Reformed Church (lamontcrc.org) in Lamont, Michigan, was defaced by the pro-ISIS hacking group United Cyber Caliphate. The intrusion was discovered late Friday afternoon by a 15-year-old girl attempting to locate the church’s contact information through a web search. The attackers replaced the site’s original content with a YouTube video featuring ISIS spokesperson Abu Muhammad al-Adnani al-Shami delivering a recruitment message. The video contained explicit threats, including vows to "conquer Rome, break crosses, and enslave women," framed as religious prophecy. Accompanying Arabic text reinforced the video’s extremist messaging. The defacement remained publicly visible until mitigation efforts began.
C.C.S. Technologies, the church’s website hosting provider, restored the site to its original state the following day. The incident prompted an immediate law enforcement response, with the FBI and other authorities launching an investigation into the breach. Attendance at the church’s next sermon plummeted to six individuals, reflecting community apprehension following the attack. Media coverage highlighted the defacement as part of broader activity by pro-ISIS cyber groups, though no additional technical details about the attack vector or network compromise were disclosed. The restoration process did not involve publicized challenges, and no further disruptions to the website were reported after service was reinstated.