Hackers loyal to ISIS hit PCA church websites, others

Hackers claiming allegiance to ISIS have posted jihadist content on websites for several churches and organizations, and more web portals are vulnerable to the attacks. Jim Richter, pastor of Westminster Presbyterian Church, a Presbyterian Church in America (PCA) congregation in Johnson City, Tenn., learned about a cyberattack on his church’s site Jan. 22 when a church member sent him an email. The member visited the website and saw “I love ISIS and Jihad,” a violent video, and obscene language. The hackers claimed to be located in Algeria.

Richter’s church wasn’t the only hacking victim. The hackers also defaced the websites of Pastor Michael Milton, president of Faith for Living Inc., and Hope Presbyterian Church, another PCA church in Martinsville, Va.

Hope Presbyterian’s pastor David Gilleran, a retired military officer and chaplain, told me he was reluctant to give attention to the hack. “[The hackers] want free publicity,” he said.

“There are groups out there that do this every day, and they’re looking for publicity, as well as looking to try to unnerve people,” he told the Martinsville Bulletin.

Five More Talents, a web-hosting company for churches and Christian organizations, designed and hosted the three sites on a server in Texas. CEO Douglas Vos said the attacks were random; websites for a community college, wedding planner, and Virginia county government stored on the server were also defaced.

These attacks are common in the cybersecurity world. Small businesses, churches, and organizations can expect between 500 and several thousand attempted hacks each month, Vos said.

“It’s not a question of if you’ll be hacked, but when your website’s defaced what you’ll do next,” he said. “Most people are protected because of relative obscurity. But obscurity won’t protect you forever.”

Website hackers break into servers to harvest information or to deface websites, as in this case. Hackers frequently know before software companies when vulnerabilities occur. And vulnerabilities can occur at several different levels such as the server, server hardware, operating system, or control panels.

To prevent post-hack chaos, Vos recommends backing up websites frequently, possibly daily. And web managers should store the backups somewhere other than the website’s server. Backups allow web managers to restore compromised sites easily. And, of course, consistent update installation and airtight passwords can prevent hacks from occurring. In the case of the church hacks, all the websites were up-to-date, making it difficult to determine the vulnerability’s location, Vos said.

As hackers become more proficient, the standards for normal and reasonable website security changes yearly. Five More Talents now offers additional firewall protection that was unnecessary when the company first started.

Even the U.S. military hasn’t been completely immune to cyberattacks by ISIS. Hackers claiming ISIS allegiance took over military social media accounts Jan. 12, posting jihad propaganda and some military documents. The hackers didn’t leak classified information, so the government classified the attack as “cybervandalism.”

Meanwhile, the FBI continues to investigate the Jan. 22 hack on Five More Talents.