CLOSINGS AND DELAYS:

Bradford Schools-Miami Co, Covington Exempted Village Schools, Greenville City Schools, Greenville St. Mary's School,

Newspaper site hacked with pro-ISIS message

Published: Saturday, March 07, 2015 @ 2:32 PM
Updated: Saturday, April 25, 2015 @ 8:18 PM

UPDATE @ 8:15 p.m. (April 25)

A free weekly newspaper’s website was targeted tonight by an individual or group sympathetic to ISIS.

Paul Noah, publisher and owner of the Dayton City Paper weekly arts and entertainment publication, said it could be related to a story they ran that supported Charlie Hebdo, the French magazine attached over a cartoon it ran depicting Muhammad.

“We were scared. In fact, I almost stopped it the night before when we were going to go to press with this because last minute I was fearing for the welfare of my team,” Noah said.

The paper’s homepage plays foreign music, has a photograph of a masked man holding what appears to be an assault rifle and displays a message that includes: “Hacked by Team System DZ. I am Muslim & I love Jihad. I love ISIS <3.”

The newspaper publisher said he found FBI warnings online about hackers breaching the software the paper uses for its website. However, Noah, said he didn’t notice anything amiss until tonight on his website.

Similarly, the Eldora Speedway’s website was hacked last month. Foreign music was playing and this message was posted on its homepage: “Hacked by Islamic State. We Are Everywhere :)”

The Darke County dirt track owned by NASCAR driver Tony Stewart was one of at least three websites hacked March 7 in southwest Ohio. Websites for Montgomery Inn and Moerlein Lager House in Cincinnati also were compromised with a similar message appearing on their homepages.

It is not clear whether tonight’s incident is connected, nor whether any other area websites were hacked by the same group.

UPDATE (March 7)

Experts weigh in on alleged ISIS hacks

The websites of at least a dozen businesses — from Boston to Missoula, Montana — were hacked this weekend.

A black banner with a symbol and the message, “Hacked by Islamic State (ISIS) We Are Everywhere :)” scrolled on the top of the websites that reported the attacks.

Moerlein Lager House, a brewery in Cincinnati, and the Montgomery Inn, a Cincinnat-area restaurant, were all hacked with the image. Additionally, the Eldora Speedway in Darke County was attacked.

It’s unclear if the attackers are related to the Islamic State at this time, said Michael Hartzler, the director of the Greater Cincinnati Fusion Center. The center coordinates with local, state and federal law enforcement agencies to combat terrorism.

“Cyber attacks are probably at the top of the the threat list for the United states,” he said. “Even if there’s a connection with a foreign national group is unknown at this point. As we’ve seen, there’s people who hack websites who have no association with foreign nationals. It’s really unpredictable.”

A spokesman for the FBI declined Monday to release any new information about the incidents.

Law enforcement agencies could spend months trying to figure out who’s behind the attacks, said retired Col. Larry James, a Wright State University psychology professor who formerly served as the chief psychologist at Guantanamo Bay.

FIRST REPORT (March 7)

Eldora Speedway’s website was one of several targeted in this area and in at least one other major U.S. city in recent days by an individual or group claiming to be part of the Islamic State of Iraq and Syria.

A black banner across the top of the Darke County raceway’s website displayed a message and image saying the site had been hacked by ISIS and a second message reading, “We Are Everywhere ;)”. Foreign music also played in the background of the site’s homepage.

“We got right on it and notified the Darke County Sheriff,” said Roger Slack, general manager for the Darke County race track. “It actually appears to have been a plug-in, a common plug-in used by different websites.”

Sgt. Tony Royer of the Darke County Sheriff’s Office said a detective has been assigned to investigate the apparent security breach on the website, which Slack said is hosted by GoDaddy.com.

“We want everybody to make sure that if they have anything like this happen to them on their website (or) personal emails, contact their local authorities and jurisdictions to report it,” Royer said. “I think everyone needs to take it seriously.”

Royer said the sheriff’s office has contacted additional state and federal authorities to investigate, including the FBI.

“The FBI is aware of the reported incidents and is contacting the impacted parties,” said FBI spokesman Todd Lundgren, who could not confirm or deny if the hack was a legitimate ISIS threat.

Eldora Speedway’s website was one of at least three hacked in the Dayton and Cincinnati area Saturday. Websites for Montgomery Inn and Moerlein Lager House also were compromised with a similar message appearing on their homepages.

St. Louis television station KSDK reported similar incidents involving two business websites there.

KSDK reported MERS Goodwill and a digital agency, Elasticity experienced the hacks Friday.

According to the television station, the message displayed in Arabic writing on the sites, which was identical to those posted on websites in Saturday’s hacks locally read, “There is no God, but God.”

The two St. Louis businesses claimed the attacks of its websites Friday were not directly targeting the businesses, but instead the hosting company of the websites, Liquid Web.

“We take the security of our clients very seriously and, in addition to our efforts maintaining secure networks and data centers, we strongly encourage our users to maintain updated software,” Liquid Web told KSDK in a statement.

Bryan Fite, president of Dayton-based Meshco, teaches offensive and defensive computing techniques and said it’s important to keep these latest hacks in context.

“Obviously this is meant to get some type of emotion out of people,” Fite said. “I think the most important thing is don’t jump to conclusion. Let the investigators do their job.”

This newspaper reached out to Eldora Speedway’s hosting company, GoDaddy.com, for comment, but have not heard back.

Eldora Speedway’s website returned to normal by 4:30 p.m. Saturday with a message from management thanking the sheriff’s office, FBI and GoDaddy.com.

Content Continues Below

Trending - Most Read Stories