Hackers vandalized two of the state of Minnesota’s webpages last week, say IT officials — the second incident of government website defacement in Minnesota in two weeks.
For a brief time on Aug. 5, messaging that officials have described as “anti-government” covered a Minnesota Department of Human Services refugee services page and administrative portal, according to reports. Minnesota’s Security Operations Center quickly pulled them down and as of Friday was still investigating the incident.
Minnesota Chief Information Security Officer Aaron Call told StateScoop that, so far, there has been no evidence of a data or security breach. It was an isolated and “essentially benign” incident of webpage defacement, he said, which has become a kind of subculture among some hackers. The digital vandals infiltrate webpages, scrawl their names across them, and upload screenshots to online message boards, vying to get on the most impressive sites.
But while there was no loss of information, he said, it was still cause for concern.
“What it means is that there was a flaw in that website,” Call said. “So from that perspective, even though what was done appears to be a benign incident, it does mean that we had a public-facing website with a vulnerability on it. And I take that exceptionally seriously.”
The incident comes after a similar attack on a Minnesota county website the week before.
On July 30, the homepage of Stearns County, a part of the larger Minneapolis metro area, displayed a photo of an individual with a Guy Fawkes mask and a sign advertising crudely for “the revolution,” according to local news outlets. The county’s information services director, George McClure, told press that the company hosting the site took it down temporarily and it’s since been restored, sans Guy Fawkes.
Call confirmed that the Stearns County incident was similar to the defacement of state webpages, but did not comment further on whether the two incidents were linked. The tag the hacker left the state of Minnesota, Call said, had appeared on “hundreds of other private and public sector websites around the world,” meaning it was unlikely to be a targeted attack on the state, or the individual webpages.
For such “cyber-vandals,” though, government websites are often a prime target. According to an analysis conducted by the cybersecurity firm Trend Micro of 13 million defacement incidents since 1998, the intent is hardly ever to cause damage — 99.9 percent of the incidents the report were classified as benign. Rather, the report says, they are looking for the notoriety that successfully breaking onto a government webpage brings, either to them or their political movement.
On a state level, Call said, vandals are rarely successful. “Globally this is not terribly unique at all,” he said. “It’s not a common occurrence on state websites.”