Cyber Incident Victim: Richland County Land Conservation Department
Date:
Nov 2015
Location:
United States of America
Summary
A county government's Veterans Services, Emergency Management, and Recycling websites were defaced by pro-ISIS hackers Team System DZ, who replaced content with propaganda messages and Arabic audio. The Algerian-based group, previously linked to similar attacks on other government and educational sites, expressed support for Islamic State but did not compromise sensitive data. All affected domains were restored shortly after the incident.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
On November 28, 2015, pro-ISIS hacking group Team System DZ executed a coordinated defacement attack against three Richland County, Wisconsin government websites. The Algerian-based group compromised the domains for Richland County Veterans Services, Richland County Emergency Management, and Richland County Recycling, replacing legitimate content with a page displaying "Hacked By Team System Dz" alongside Arabic-language audio. The defacement included a written statement supporting ISIS, referencing "#Op USA | Ir | il | Ru | Fr" and declaring ideological alignment with phrases such as "I love you Islamic State & Jihad Islamic State remain and expand" and "We will restore the dignity of Muslims." Zone-h.org mirrors provided publicly accessible evidence of all three compromises. This incident marked the group's second known attack against Richland County infrastructure, following their March 2015 breach of the Richland County Sheriffs Department website. Historical context indicated Team System DZ had previously targeted the University of Toronto and Isle of Wight, Virginia with similar pro-ISIS messaging. The defacements occurred before 9:00 PM ET and were detected through visible website alterations.
County administrators restored all affected websites to operational status prior to the publication of HackRead's reporting on November 28. No forensic findings regarding potential data exfiltration or unauthorized access to sensitive systems were disclosed in available records. The incident occurred amid documented cyber conflicts between pro-ISIS actors and anti-ISIS groups like Anonymous, though no direct connection to contemporaneous counter-operations was specified. HackRead confirmed outreach to Richland County administrators but received no substantive response regarding intrusion vectors or compromised assets at the time of reporting. Restoration efforts focused on removing defaced content rather than implementing publicly disclosed security enhancements. The attack temporarily disrupted public access to emergency management, veterans services, and recycling information portals without causing confirmed secondary operational impacts. Team System DZ's repeated targeting of Richland County infrastructure highlighted persistent vulnerabilities in the municipality's web presence.