Jan 24, 2016 10:11 PM by Cecile Juliette
In Palo Cedro, 8 miles east of Redding in rural Shasta County, the people running the 'Trailhead Youth Ranch' woke up Saturday to find their website had been hacked. Instead of information about the ranch that uses the gospel, and horses, to reach out to at-risk youth, anyone who clicked on their website saw a fast-paced video featuring a man speaking about Islam. "We were quite concerned," says Gwen Hawver, "It had nothing to do with our organization, obviously."
The small, somewhat obscure website trailheadyouthranch.org had been hacked, apparently by a group of people operating out of Egypt, calling themselves 'Anonymous Rabba Square.'
Information Security Expert William Caput says the group is loosely based on the American hacker group 'Anonymous.' He says the group operating out of Egypt is likely not state-sponsored, because governments that hack like to cover their trail. This group likes to show-off it's attacks by posting their handiwork to Twitter, Instagram, and Facebook.
Says Caput, "The trail they left behind shows it's kind of amateur. They're trying to impress themselves, or impress their friends."
The hackers not only left a trail, they chose a soft target. According to Caput, the Trailhead Youth Ranch website hadn't been updated since 2009, making it a prime target. Caput explains, "What we call in the industry, low-hanging fruit. Not something you would normally browse to."
He says this group likely runs automatic scans on random sites. When they come across sites that are hackable, they read the message. If it's a message they don't agree with, they hack it, and take over with their own message of faith. Says Caput, "It's extremely common. A lot of websites don't secure themselves. They don't run updates. They don't patch. If someone has a motivation to hack them, they do."
If you would like to know more about protecting your own website, Caput and his team will be hosting a security convention at Idea Fab Labs in Chico next month. The cost is $25 per person to attend. You'll find more information at Norcon.info.