800 school sites in the USA were among those sites hijacked with photographs of Saddam Hussein along with an ‘I love Islamic State’ messages. A Georgia-based web hosting company confirmed the attack.
New Jersey, Connecticut, Virginia and Louisiana school districts were among the areas affected. The messages also contained a recruitment video. “Team System Dz” claimed responsibility for the large-scale hack which took place at around 4 am EST, on 6 November (Monday).
According to SchoolDesk, the company which runs the schools sites, the main page of the compromised sites displayed a photograph of Saddam Hussein along with messages in Arabic. Translated, the message read “There is no god but Allah” as well as “Mohammed is the messenger of God.” The messages were displayed on a blacked out background while further down the page messages in English read “I love Islamic State.” The company said that the hack was immediately addressed and all infected websites were taken offline.
It also noted that the school’s sites were among private, state and federal sites which fell victim to similar attacks earlier this year. Ohio Governor, John Kasich was among those who had also fallen victim to a similar cyber attack.
The sites would only return online once the situation can be fully resolved, following a full investigation. This investigation would take place at all levels of authority.
In a statement, SchoolDesk said technical staff discovered a “small file” which was injected into the root of one of the SchoolDesk sites. The file the spread to hundreds of other linked sites.The file redirected to 800 school and district websites to a YouTube page.
The page contained an audio Arabic message as well as unknown text and Hussein’s photograph. The exact method and point of intrusion is not known and will form part of an in-depth investigation. According to SchoolDesk, multiple layers of protection was installed to prevent further attacks.
Additional investigations are also underway to determine the origin of the attack and ultimately who was responsible for it. The company has said it will work with security agencies to investigate the attack.
It will also look into other measures to prevent any further hacks. As a secondary precaution, all administrators and staff were told to reset their passwords.Various local, state and federal law enforcement agencies are working with SchoolDesk to investigate the hack.
This includes the FBI and other agencies. Despite the attack, web users were assured that content and data was not compromised in the attack. All web content and data both secured and unaltered were working without issue and did not show signs of compromise.
A SchoolDesk Team worked hard to ensure the system’s network was secured and safe for users to access.