Multisport website hacked
ISIS banner shows up on Yk homepage, one of many victims worldwide; local expert blames web-crawling robots
Elaine Anselmi
Northern News Services
Wednesday, March 11, 2015
SOMBA K'E/YELLOWKNIFE
The Yellowknife Multisport Club is taking a hacking of its website with humour.
The Yellowknife Multisport Club's website was hacked Monday afternoon, purportedly by ISIS, though this is not verified. - NNSL screen capture |
The attack, purportedly carried out by Islamic militant group ISIS, took over the club's homepage on Monday with a track of uptempo music and Arabic writing greeting visitors.
"One of our directors picked it up. She checked Friday and everything was fine and then this morning there was a new banner and interesting music being played," said Damian Panayi, a director with the club, adding the group is considering using the tune for warmups at upcoming events.
With the Frostbite 50, a 50-kilometre non-competitive ski event set for March 28, Panayi took the silver lining approach to the hacking, saying the publicity might see a few more participants sign up.
By Monday afternoon he said there were no particularly unexpected applicants – registrants are largely from within the territory with the exception of two from Ottawa and Los Angeles.
"Between LA and ISIS, we're really giving the event an international feel," said Panayi.
"We're marketing it to an international clientele."
The website to register for the event is fortunately separate from the website, so no personal information will be compromised due to the hacking.
As for the club site, Panayi said the club is working with Northwestel to clear the homepage and hopefully the club's name from national security lists.
"We have a ticket in with Northwestel who hosts the website and they are trying to go to a backup to restore the website to a previous version," said Panayi.
The website was originally built by Outcrop. Though the Yellowknife-based company no longer maintains it, interactive director Doug Johnston said Outcrop is helping to get the site back up and running.
"Whoever maintains the server has the ability to roll back," said Johnston.
"They go to a backup, just like if you backup your files on a hard drive. If a file gets deleted or changed, you can go back and get a version. It works the same with a website."
International company
The hackers have posted the same black flag with white Arabic writing – as well as the English message: "Hacked by Islamic State (ISIS), We are Everywhere" – on websites across Europe and North America.
"Right now, you've probably noticed a few hundred thousand hits today by the same sort of 'script kiddies,'" said Johnston.
"They're people that design bots, automated scripts, that go through hundreds of thousands of websites and are sort of trained to look
for vulnerabilities."
Those vulnerabilities, Johnston said, could include a weak password or out of date software.
"Once found, they try to attack in many ways," said Johnston. "If they find a way in, they go in and try to implant a code or graphic."
Johnston said it is unlikely that the club was targeted.
Whether the hacker is actually affiliated with ISIS has yet to be determined but the attacks are under investigation by the FBI.
Since the hacking, passwords for club e-mails and the website have been changed, Panayi said, hoping the message would be removed within a day or two – at press time the message remained. Despite the small amount of work created in fixing the site, he did not expect there to be a significant impact.
"We're not planning any extra security at Frostbite 50," Panayi said.
"Once the website issue is resolved, I don't foresee any long-term problems."