Cyber Incident Victim: Richland County Veterans Service Office
Date:
Nov 2015
Location:
United States of America
Summary
A pro-ISIS hacking group known as Team System DZ compromised multiple county websites, including Veterans Services, Emergency Management, and Recycling domains, defacing them with propaganda messages and Arabic audio. The attackers displayed a banner declaring "Hacked By Team System Dz" and posted content supporting the Islamic State, referencing their "#Op USA" campaign while advocating for jihad. The same group had previously targeted other government and educational entities with similar pro-ISIS defacements. While the breach involved visible website alterations, it remained unclear whether sensitive data was accessed during the incident. All affected sites were subsequently restored to normal operation following the attack.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 1 technique |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
On November 28, 2015, a pro-ISIS hacking group known as Team System DZ compromised three domains belonging to Richland County, Wisconsin. The attackers defaced the websites of Richland County Veterans Services, Richland County Emergency Management, and Richland County Recycling, replacing their content with a message stating "Hacked By Team System Dz" and playing an Arabic-language audio track. The defacement occurred before 9:00 PM Eastern Time and included a political statement supporting the Islamic State terrorist organization, referencing "#Op USA | Ir | il | Ru | Fr" and declaring "I love you Islamic State & Jihad Islamic State remain and expand, God willing." The hackers claimed their actions would restore Muslim dignity and Islamic glory while dismissing opposition as outdated. Zone-h.org mirrors provided technical confirmation of the compromises, with defacement records archived for all three county domains. No technical details regarding the attack vector or potential data access were disclosed by the attackers or county officials at the time of the incident.
Team System DZ, an Algeria-based threat group, had previously targeted Richland County in March 2015 when they breached the Sheriff's Department website, establishing a pattern of attacking local government infrastructure. The group's historical activities included hacking the University of Toronto and Isle of Wight, Virginia websites to display similar pro-ISIS content. County administrators restored all affected websites to normal operation before the publication of the initial incident report on November 28, though the restoration timeframe relative to the hack onset remained unspecified. The incident occurred amid ongoing cyber conflicts between pro-ISIS actors and anti-ISIS hacking collectives like Anonymous, though no direct connection to broader operations was confirmed in this case. Investigators found no evidence confirming whether sensitive data was accessed or exfiltrated during the breach, leaving the full scope of compromise undetermined.