Cyber Incident Victim: Health and Human Services
Date:
Nov 2015
Location:
United States of America
Summary
A pro-ISIS hacking group compromised three domains belonging to a Wisconsin county government, defacing websites for its Veterans Services, Emergency Management, and Recycling offices with messages supporting the terrorist organization and playing Arabic audio. The attackers displayed a banner proclaiming "Hacked By Team System Dz" alongside text endorsing Islamic State expansion and jihad. While the intrusion disrupted public access to the sites, there was no indication that sensitive data was accessed or exfiltrated. The same group had previously targeted other government and educational entities with similar defacements. County administrators restored all affected websites shortly after the incident.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 1 technique |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
On November 28, 2015, a pro-ISIS hacking group known as Team System DZ defaced three domains belonging to Richland County, Wisconsin. The attack targeted the websites of Richland County Veterans Services, Richland County Emergency Management, and Richland County Recycling. Hackers replaced the sites' content with a page displaying "Hacked By Team System Dz" alongside Arabic-language audio and a written message supporting the Islamic State. The message included phrases such as "#Op USA | Ir | il | Ru | Fr | I love you Islamic State & Jihad Islamic State remain and expand" and called for restoring Muslim dignity through jihad. Zone-H records confirmed the defacements, with mirrors showing the altered content remained visible through the hacking collective's platform. This incident mirrored Team System DZ's previous activities, including attacks on the University of Toronto and Isle of Wight, Virginia websites earlier in 2015. County officials did not immediately disclose how the attackers breached the systems or whether multi-factor authentication was in place. No evidence suggested data exfiltration occurred during the incident.
Richland County administrators restored all affected websites by the time HackRead published its report on November 28. The restoration process timeline and specific remediation steps taken were not publicly documented. Team System DZ's defacement did not disrupt physical emergency services or recycling operations, as the attack only compromised informational websites. Cybersecurity researchers noted the incident reflected ongoing digital conflicts between pro-ISIS groups and anti-ISIS hackers like Anonymous, though no direct connection to broader cyber campaigns was established. The county did not release statements regarding potential vulnerabilities exploited or plans for future security enhancements. HackRead attempted to contact Richland County administrators for additional details but received no reply prior to publication. Historical context showed this marked Team System DZ's second attack on Richland County systems following their March 2015 breach of the Sheriff's Department website.