Two incidents spur county to consider replacing its site host
Staff writer
Marion County’s website was hacked twice in early August, possibly by two different suspects, one of whom left an obscene message on the site.
“It seems like this was trivial, but we’re taking steps to prevent it from happening again,” Spencer said.
Those steps could include changing the county’s website host, she said.
“We’ll do whatever it takes to keep the website secure,” Spencer said.
The hackings were never discussed in open meetings, but commissioners were notified of both the incidents. County clerk Tina Spencer said commissioners knew about the incidents but kept mum for security reasons.
No data was stolen, but the website was defaced on both occasions, Spencer said.
The problem apparently stemmed from an attack on Thomson Reuters, vendor company the county hires to host its website. Thomson
Reuters charges the county $7,182 per year for website hosting and related services.
On Aug. 3, visitors to the county’s page were redirected to a photo of Mecca and a message, “Hacked by a Muslim.”
Spencer said county employees noticed the message and alerted her that day.
“At first we thought it was a minor blip and we had to dig a little deeper,” Spencer said.
The county information technology consultant was notified. He contacted Thomson Reuters, and they fixed the problem, Spencer said.
Information about the incident was e-mailed to commissioners over the weekend. The county was in contact with Thomson Reuters Aug. 4 and 5 and the county information technology consultant ran diagnostic tests on the server.
The website was targeted again Aug. 6. What appeared that day was a hand with a middle finger sticking up and the message, “F - - - the police,” with the first word of that message fully spelled out, Spencer said.
This time the county notified both Thomson Reuters and the secretary of state’s office. A change in federal rules after the 2016 election requires counties notify that office of any cyber attacks.
The website was taken down and was back up by that evening.
County governments have become frequent targets of hackers trying to take advantage of county websites and information, Spencer said.
Spencer said the county hasn’t gotten a report yet on what steps Thomson Reuters has taken to prevent further attacks, nor on what exactly happened.
For the majority of the time Aug. 3 through 6, the website functioned normally, she said.