FBI says ISIS website defacements not by terror group, but urges patching

  • Liam Tung (CSO Online)
  • 08 April, 2015 09:33

The Federal Bureau of Investigations has warned Wordpress admins to patch their sites to halt website defacements that use ISIS name to grab headlines.

The recent spate of attacks on websites in Europe and the US that claimed to be in the name of terror group ISIS were nothing more than attempts by hackers with low-level skills to boost the profile of their attacks,according to the FBI.

The agency began investigating a number of websites defacements in March that affected a rape crisis centre site in Ireland and a NASCAR owned site, among others. That attacks, supposedly in the name of ISIS, suggested the attackers may have been ISIS agents.

The agency on Tuesday said the attackers, far from being volunteers or agents of the organisation, were merely attempting to gain more attention than their exploits warranted.

“The FBI assesses that the perpetrators are not members of the ISIL terrorist organization. These individuals are hackers using relatively unsophisticated methods to exploit technical vulnerabilities and are utilizing the ISIL name to gain more notoriety than the underlying attack would have otherwise garnered,” the agency said in an update on the Internet Crime Complaint Center's (IC3) site.

While law enforcement in the US doubted the attacks were by actual ISIS agents, the FBI was called in to investigate the incidents.

The attackers may not be agents of an extremist organisation but website operators affected by their work could nonetheless lose revenue and face unexpected repair costs, the FBI warned.

To fend off such attacks, it’s urging website admins to be wary of Wordpress plug-in vulnerabilities and provided a number of basic computer hygiene and secure configuration recommendations to ensure potential victims don’t succumb to the low-level attacks.

“Methods being utilized by hackers for the defacements indicate that individual Web sites are not being directly targeted by name or business type. All victims of the defacements share common WordPress plug-in vulnerabilities easily exploited by commonly available hacking tools,” the FBI said.

The agency didn’t identify the precise plug-ins that were vulnerable but noted patches were available for identified vulnerabilities that could ultimately allow an attacker to take control of an affected system.

It also noted that the attackers were not discriminating in the targets they selected, which have included websites and communications platforms of news organizations, commercial entities, religious institutions, federal/state/local governments, foreign governments, and a variety of other domestic and international Web sites.

This article is brought to you by Enex TestLab, content directors for CSO Australia.