Cyber Incident Victim: Richland County Parks Commission
Date:
Nov 2015
Location:
United States of America
Summary
A pro-ISIS hacking group known as Team System DZ compromised three domains belonging to a Wisconsin county government, defacing websites for its Veterans Services Office, Emergency Management, and Recycling departments with messages supporting the terrorist organization. The attackers displayed a "Hacked By Team System Dz" banner accompanied by Arabic audio and a statement promoting ISIS ideology, including references to "#Op USA" and calls for jihad. The incident mirrored the group's previous cyberattacks against entities such as the University of Toronto and Isle of Wight, Virginia. While the defacements disrupted online services, no evidence confirmed unauthorized access to sensitive data. All affected websites were restored to normal operation shortly after the breach.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
On November 28, 2015, pro-ISIS hacking group Team System DZ defaced three Richland County, Wisconsin government domains: the Veterans Services Office (veterans.co.richland.wi.us), Emergency Management (em.co.richland.wi.us), and Recycling (recycling.co.richland.wi.us) websites. The Algerian-based group, previously known for hacking the Richland County Sheriff’s Department in March 2015 and other targets like the University of Toronto and Isle of Wight, Virginia, replaced the sites’ content with a defacement page displaying “Hacked By Team System Dz” before 9 p.m. ET. The attackers embedded an Arabic-language audio track and a written statement supporting the Islamic State, which included the hashtag “#Op USA | Ir | il | Ru | Fr” and declared intentions to “restore the dignity of Muslims” while vowing the group’s expansion. Zone-h.org archived mirrors of all three defaced sites, confirming the compromises. County administrators restored all affected websites to normal operation by the time HackRead published its report later that day. No evidence indicated whether attackers accessed sensitive data or how they breached the county’s systems.
The incident represented Team System DZ’s continued targeting of U.S. local government infrastructure to disseminate pro-ISIS propaganda. Impacts were limited to temporary service disruption and reputational damage from the public defacements, with no reported data theft or secondary compromises. The county’s response involved rapid restoration of the legitimate websites but did not include public disclosure of technical details about the attack vector or security improvements. HackRead attempted to contact Richland County administrators for additional information but received no reply before publication. This attack occurred amid broader cyber conflicts between pro- and anti-ISIS factions, though the article noted anti-ISIS groups like Anonymous typically dominated these engagements. The defacements aligned with Team System DZ’s established pattern of brief, symbolic website takeovers rather than sustained network intrusions.