Subscribe

Are ISIS hackers really targeting small businesses? (+video)

A number of unrelated small businesses and other organizations in North America have had their websites hacked to display ISIS slogans and images. Do the perpetrators actually pose a threat? 

  • close
    Third Street Brewhouse in Cold Spring reportedly called police after discovering a message on their website, reports Nina Moini (1:57).WCCO 4 News At 10 – March 8, 2015
    View Caption
  • About video ads
    View Caption
of

The business week has begun in the US with a seemingly unrelated string of hacks on small business websites, with the only connecting thread being that all were claimed by someone using the ISIS logo to either make a political statement or points with fellow hackers.

The website for Eyeflow, a publicity company based in Pittsburgh, had its homepage replaced with a black screen with the ISIS logo and “Hacked by Islamic State 2015. We are everywhere :)”

“It was a server attack, they got in through our host from what we are told,” says Phil Laboon, creator of Eyeflow, a publicity company based in Pittsburgh. “It’s incredible really. I mean, what are the odds that out of all the millions of websites, ours gets hacked by ISIS? I’m more likely to win the lottery. The FBI is coming in to talk to us now.”

A few minutes after the interview the Eyeflow site, which had been up and running during the interview, defaulted to a maintenance screen.

Other organizations were similarly hacked: Southwest Montana Community Federal Union, Eldora Speedway in Rossburg, Ohio, owned by NASCAR star Tony Stewart, a church in Canada and a Goodwill center in St. Louis, Moerlein Lager House and Montgomery Inn in Cleveland, The historic Montauk Manor, a condominium complex on New York's Long Island,  Sequoia Park Zoo in Eureka, California,  Backbar, a bar in Somerville, Massachusetts,  Third Street Brewhouse in St. Cloud, Minnesota and North Douglas Pentecostal Church in Saanich, British Columbia,” according to published reports.

One analyst has likened these hacks to those made of the Twitter account for US Central Command back in January and to a cartoon by the popular webcomic xkcd, which summed up the Chicken Little-style response to an event that was found to be more window dressing than broken windows.

“This is the same, dumb, CENTCOM Twitter feed hack story. This is not ISIS,” says Bruce Schneier, Chief Technology Officer of Resilient Systems, a fellow at Harvard's Berkman Center and a board member of the Electronic Frontier Foundation. “I call this kids playing politics. It happens all the time. This is someone using the mantle of ISIS and not a nation-state attacking U.S. websites.”

Mr. Schneier says, “These are not people with graduate degrees. They’re out there at their computers pushing buttons, looking for vulnerabilities. They could be anywhere in the world. The bottom line is the headline on this one is ‘Car crash. Nobody injured,’ because to people in internet security there is nothing new here.”

While Mr. Laboon says he thought at first the attack was random he now feels “targeted.”

“At first we hoped it would be, like, hundreds or thousands of websites were targeted but then we looked online and found it was only a handful,” Laboon says. “So then we began thinking about why they targeted us? We had a huge fundraiser we called LemonAID that made international headlines. Maybe ISIS re4ad the articles and decided I was a bigger political figure than I am. I don’t know.”

Lemon-AID raised funds for the Pittsburgh-based nonprofit organization, Surgicorps to supply medical missions to help children in developing countries.

Schneier remains skeptical, likening conclusions drawn from these cyber attacks to the way sportscasters explain a player’s sudden run of good plays or a team’s good or bad luck.

“In sports they’re always talking about ‘streaks’ and ‘hot hands’ which are really just a way of inventing a narrative for something completely random taking place,” Schneier says. “Anonymous would do this, hack into a site at random and then back-fill in a narrative to build reputation and cool points. Sure, there could be a person with a political agenda doing this, but the selection of the sites is most likely random. Sometimes things just happen."

About these ads
Sponsored Content by LockerDome
 
 
Make a Difference
Inspired? Here are some ways to make a difference on this issue.
FREE Newsletters
Get the Monitor stories you care about delivered to your inbox.
 

We want to hear, did we miss an angle we should have covered? Should we come back to this topic? Or just give us a rating for this story. We want to hear from you.

Loading...

Loading...

Loading...

Save for later

Save
Cancel

Saved ( of items)

This item has been saved to read later from any device.
Access saved items through your user name at the top of the page.

View Saved Items

OK

Failed to save

You reached the limit of 20 saved items.
Please visit following link to manage you saved items.

View Saved Items

OK

Failed to save

You have already saved this item.

View Saved Items

OK