Cyber Incident Victim: County Fair
Date:
Nov 2015
Location:
United States of America
Summary
A pro-ISIS hacking group known as Team System DZ compromised three county government domains, defacing websites for Veterans Services, Emergency Management, and Recycling with a message supporting the Islamic State and playing Arabic audio. The attackers displayed a declaration referencing "Op USA" and other nations while advocating for jihadist expansion, though no data breach was confirmed. This incident followed prior cyber intrusions by the same group against other government and educational entities. The affected sites were restored to normal operation shortly after the attack.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
On November 28, 2015, pro-ISIS hacking group Team System DZ compromised three Richland County, Wisconsin government websites: Veterans Services (veterans.co.richland.wi.us), Emergency Management (em.co.richland.wi.us), and Recycling (recycling.co.richland.wi.us). The Algerian-based group defaced all domains before 9 p.m. ET that Sunday, replacing content with a page titled "Hacked By Team System Dz" featuring Arabic-language audio and a written statement supporting the Islamic State. The message included "#Op USA | Ir | il | Ru | Fr" declarations alongside jihadist propaganda stating: "I love you Islamic State & Jihad Islamic State remain and expand, God willing, We will restore the dignity of Muslims Glory will return to Islam The dispute will return to outdated Be prepared." This marked the group's second known attack against Richland County, following their March 2015 breach of the Sheriff's Department website. Team System DZ had previously targeted the University of Toronto and Isle of Wight, Virginia with similar pro-ISIS defacements.
County officials restored all affected websites by the time HackRead published its report on November 28. The attackers provided Zone-H mirror links (25119668-25119670) as proof of compromise, but investigators found no evidence confirming whether sensitive data was accessed or exfiltrated. The intrusion method remained undetermined at publication time, with county administrators yet to disclose technical details about the breach. This incident occurred amid ongoing cyber conflicts between pro- and anti-ISIS factions, though no direct connection to Anonymous' reported viagra-based countermeasures against ISIS supporters earlier that week was established. Team System DZ's repeated targeting of Richland County infrastructure highlighted persistent vulnerabilities in the local government's web assets, though immediate service disruptions appeared limited to temporary defacements without reported operational impacts on emergency, veterans, or recycling services during the compromise period.