Pro-ISIS group hacks county
Jeremy Styron
When Vinny Cannon, a Loudon High School alumnus and current graduate student of intelligence studies in Erie, Pa., scanned his Twitter feed earlier this week, he was surprised to find his home county mentioned in tweets related to cyber security and Islamic State of Iraq and the Levant.
“It kind of threw me off,” Cannon said. “It doesn’t make sense to me. It was probably some kids messing around and got to the database somehow. I see things that come across my Twitter feed, but nothing that kind of hits back to home.”
A group known as United Cyber Caliphate posted a link Tuesday to a list of 11 local residents, including home addresses, phone numbers and a couple email addresses, in a message specifically referencing Loudon County.
The list includes previous and current members of the Loudon County Regional Planning Commission from a few years ago. At least one person on the group is no longer alive and three others are former members.
Loudon County Sheriff Tim Guider said his office received information about the names through a subcontractor with the U.S. Department of Justice. He said police were considering the post as a “scare tactic.”
“As far as we know because this list is over four years old, and it’s public record,” Guider said, noting that his office found out about the Twitter post as a planning commission meeting was in progress. The board meets the third Tuesday of each month.
“It was just kind of an open letter, just recruiting anybody that wanted to attack these people in the name of Allah,” Guider said. “It’s an old list. … We’ve notified everybody, and we’re working very close with the FBI on it. They don’t seem to think — to give much credit to it.”
The Twitter post links to a third-party website containing a text document with the names and addresses. The post reads, “IN THE NAME OF ‘ALLAH’ #UCC / CALIPHATE HACKERS DIVISION DATABASA (sic) of Loudon County, Tennessee #USA GOV #DOWN (link) #UCC.” At document appears in a database format and near the bottom includes the messages, “WE ARE (the) ISLAMIC STATE,” “WE ARE (a) NATION” and “WE ARE POWER,” followed by various other hashtags.
Daniel Damron, cyber squad supervisor with the FBI’s Knoxville field office, said his office was collaborating with county officials to ensure public databases are secure.
The list did not include any sensitive information such as Social Security numbers, medical information or financial records.
“At this point, we’re coordinating with Loudon County’s IT (Internet technology) department to check into it,” Damron said. “Because the information is out there is (public record). It’s out there open source as well. If, in fact, that’s what it is, it’s going to be difficult to devote time and resources to that kind of thing with other things going on with people losing money” and other crimes.
Damron said UCC was sympathetic to ISIS, but he didn’t have more information on the group.
“They don’t care where they get this information from,” he said. “They’ll post it on Twitter because it makes them look good. It makes them look like they’re hacking into the United States. … To them it’s the government of the United States whether it’s Loudon County or Washington, D.C.”
According to SITE Intelligence Group, a non-government organization that monitors jihadist activity, pro-ISIS hackers have been around for a couple years, but UCC in its current form originated around Sept. 11, 2015.
Most recently, UCC published a list of names and addresses of 3,600 supposed New York residents, but the information turned out to be fake, according to SITE officials.
Steve Fritts, Loudon County Internet technology director, said his department follows “standard security measures” like patching software, keeping web servers behind a firewall and protecting individual accounts.
“We don’t really have any info on the web server that is not public information except for the user accounts to add and remove records from the database,” Fritts said. “So those accounts, the passwords those are encrypted.”
He said the county does not maintain any sensitive information on its website.
“I hope that the public understands there is no private info as far as Social Security numbers, employment information,” Fritts said. “Sensitive information is kept behind the firewall.”
Fritts said hackers attempted to get into the county database for about 30 minutes Monday, noting that potential hackers frequently scan a range of online identifiers, known as Internet protocol addresses, in an attempt to access sensitive information.
“You’re always under attack, really, that’s the way I see it,” he said. “What was unique about this one, they were trying to hack in through the contact form on the website, and that’s what we use to allow the public to email the mayor or email the public if there’s a problem on the website.”
Fritts said the IP address in the recent incident can be traced back to Baghdad. Because of various anonymity tools available online, the real IP location could be anywhere, according to SITE.
Law enforcement and government officials seem to think the incident in Loudon County was just a random target.
“I would say that if the other counties looked they would see these attempts as well,” Fritts said. “What’s probably happened is somebody used a tool, and they put a range of IP addresses. Those tools are free. They’re easily accessible on the Internet. We get scanned pretty often.”
Fritts noted that he thinks the county database was breached and the information was not simply pulled from a cached or archived website.
“They used that tool to pull that info out of the database,” Fritts said. “Technically, I would call it a hack because they pulled that our of the database in a way that we didn’t intend it to come out.”
Martin Brown, whose name appears on the list distributed online, left the planning board earlier this year after his term expired. He said he was not fazed by news about the data breach, noting that it was “kind of weird.”
“I’m an old man,” Brown said. “I don’t rally get upset about much. So no, I’m not really perturbed about it to be honest with you. I just think it’s kind of ridiculous. It won’t change anything I do.”