Hackers hijack county Web site

Hackers hijacked Jackson County's Web site last week, steering people instead to a Chinese site that attempted to install a malicious program on visitors' computers.

The county shut down the affected part of the public site, hosted by Ashland-based Project A Inc., for several hours after officials noticed the problem about noon on Thursday, said Mark Decker, the county's directory of information technology services.

However, hundreds of people trying to find county information could have stumbled onto the problem site, he said.

They would have seen something unusual, such as oddly garbled text layered on top of the county site's features or numerous errors messages, but probably wouldn't have seen the Chinese site.

Anti-virus Internet security software from a leading vendor such as McAfee or Norton will detect and protect computers from the malware that the foreign site tried to install, he said.

Using a high security setting in a Web browser also will help defend against infected sites.

Decker discovered the county's site was infected when he and other users got an error message and a warning that the site was attempting to download a file.

He suspects the hackers hit the site sometime between 4 a.m. and noon, but he doesn't know for sure how long it was compromised.

Hackers apparently exploited a security flaw in Microsoft software to slip a line of programming into the county's site through a technique called code injection.

Project A's President and Chief Executive Officer Jim Teece said such attacks are common, with as many as 200,000 sites around the world having been hit by such a ploy so far this year.

Various federal government sites and major online retailers all have fallen victim, experts said.

Hackers often try to install a program that will record users' every keystroke in hopes of catching credit card numbers or passwords or a program that will harness a computer to send out messages or security tests to find other machines to infect.

The programs are designed to avoid detection, so users might not notice the problem immediately, but commercial anti-virus software can find and fix it.

Decker said many of the hacking attempts come from organized crime operations outside the U.S. and are difficult to prosecute, but the county wants to do what it can to stop the attacks.

Project A and the county shut down the county's site at , corrected the security problem, restored the site from backup and reconnected the site to make it accessible.

Decker estimated that his department spent between 30 and 40 hours fixing the problem and then scanning the computers of county employees who had visited the problem site.

The county's popular Front Counter Application and SmartMap sites are on a different server and weren't affected.

The county's secure internal computer network, which stores sensitive information, also went untouched.

Share This Story