Cyber Incident Victim: County Fair
Date:
Mar 2015
Location:
United States of America
Summary
Pro-ISIS hackers identifying as Team System DZ breached multiple Richland County government websites, including the Sheriff's Department, County Fair, municipal services, and recreational facilities, defacing them with propaganda supporting ISIS and condemning the US and Israel. The attackers replaced site content with hostile messages across departmental and public service platforms, all of which were subsequently restored following the incident.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
On March 21, 2015, pro-ISIS hackers operating under the name Team System DZ, identified as being based in Morocco, compromised multiple websites belonging to Richland County, Wisconsin. The attackers targeted high-profile county government and public service domains, including the Richland County Sheriff’s Department, City of Richland Center Municipality, Parks Commission, Ambulance Service, Richland County Fair & Recycling, Land Conservation Department, and Richland County Fitness Center. Each compromised site displayed a defacement page containing the message: “Hacked by Team System Dz! I am a Muslim & I love jihad, I love ISIS | Fuck Israel & USA.” The defacement explicitly declared support for ISIS and hostility toward the United States and Israel. Zone-h mirrors archived evidence of the breaches, confirming the scope of the attack. No data theft or disruption of underlying services beyond the defacements was reported. The incident aligned with a pattern of pro-ISIS cyber activity targeting U.S. government entities, following recent breaches such as the January 2015 attack on the Isle of Wight, Virginia website and the February 2015 compromise of Newsweek’s Twitter account.
County authorities restored all affected websites by the time the incident was publicly reported on March 21, though the specific timeline for detection and remediation remained undisclosed. The attack did not involve physical disruptions or explicit threats beyond the ideological messaging. Its primary impact was reputational, exposing vulnerabilities in local government digital infrastructure. The defacements temporarily disrupted public access to official information but caused no lasting operational damage to county services. This incident occurred amid heightened concerns about pro-ISIS cyber operations, including the group’s prior leak of U.S. military personnel data and the Malaysian Airlines website hack attributed to ISIS-affiliated actors. Richland County, with a population of 18,021 as of 2010, had no prior publicly documented cyber incidents of this scale. No further attacks on the county were reported following the restoration.