Pro-ISIS hackers hijacked the websites of roughly 800 U.S. schools and educational districts on Monday, after compromising their web hosting provider, various news outlets have reported.
The hacking group Team System Dz claimed responsibility for the cyberattack, which redirected users to a website displaying ISIS messages and a recruitment video, as well as an image of former Iraqi president Saddam Hussein, according to the International Business Times UK.
The websites’ hosting services provider, Atlanta-based SchoolDesk, reportedly confirmed the attack, noting in a statement that it responded to the incident “immediately” by taking down the impacted websites.
“Our technical staff discovered that a small file had been injected into the root of one of the SchoolDesk websites, redirecting approximately 800 school and district websites to an iFramed YouTube page containing an audible Arabic message, unknown writing and a picture of Saddam Hussein,” the statement reads. “Although the exact method and point of intrusion is not yet fully known (possibly an SQL injection or through a user account with a weak password), we have added multiple layers of redundant protection to prevent this from happening again, as well as taking many additional methods to research how this was accomplished and by whom.”
The IBT UK further reports that educational districts in Connecticut, Louisiana, New Jersey, and Virginia were affected.
In June, Team System DZ attacked government websites in Ohio, Maryland and New York, defacing them with a pro-ISIS message that read, in part, “I Love Islamic state.” The hackers used the same phrasing in the school cyberattack.