Cyber Incident Victim: County Fair
Date:
Apr 2016
Location:
United States of America
Summary
Pro-ISIS hackers Team System DZ compromised multiple Richland County government websites, including the Sheriff's Department, County Fair, and emergency services portals, defacing them with terrorist propaganda and threatening messages. The attackers displayed ISIS logos and warnings of impending takeover, marking their third successful breach of the county's systems within a year, having previously targeted veterans services and law enforcement sites. This Algeria-based group also claimed responsibility for prior intrusions at the University of Toronto and Isle of Wight, Virginia. All affected county websites were restored following the incident, though the repeated breaches highlighted persistent security vulnerabilities across the local government's digital infrastructure.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
On April 15, 2016, multiple Richland County, Wisconsin government websites were compromised and defaced by the Algeria-based hacking group Team System Dz. The attack occurred on a Friday, with the hackers targeting at least ten county-operated domains, including the Richland County Government main site, Sheriff’s Department, Ambulance Service, Veterans Services, Recycling Committee, Health and Human Services, County Fair, Land Conservation Department, Parks Commission, and Emergency Management. The attackers replaced legitimate website content with a defacement page displaying the official logo of the Islamic State (Daesh) and a threatening message referencing an ISIS takeover. Team System Dz publicly claimed responsibility for the intrusion, with Zone-H mirrors providing evidence of the defacements. This marked the third successful breach of Richland County’s digital infrastructure by the same group within a twelve-month period, following prior defacements of the Veterans Services and Sheriff’s Department websites with comparable pro-ISIS messaging.
The incident represented a recurring pattern of security failures, as Team System Dz had previously exploited vulnerabilities in the county’s servers during two separate 2015 intrusions. No data theft or service disruption beyond the defacements was reported in the 2016 attack. By the time media reported the incident on April 15, all affected websites had been restored to normal operation. The hackers’ broader activity included prior attacks against the University of Toronto and Isle of Wight, Virginia, though Richland County remained a repeated target. The restoration of services did not address underlying security concerns, as the county provided no public details about remediation efforts or enhanced protective measures following the third breach. The defacements exclusively involved website alterations promoting terrorist propaganda, with no disclosed evidence of deeper network infiltration or secondary attacks following the initial compromises.