The government Web pages, including that of Gov. John Kasich, were replaced about 11 a.m. Sunday by a message from a group called Team System Dz. The same pro-Islamic State message also appeared Sunday on local-government websites in New York, Louisiana and Maryland. All Ohio sites were restored by Monday morning.
In the cyberbusiness, it's known as "defacement" or "internet graffiti" when an individual or group displays their message on a website without doing obvious damage.
Tom Hoyt, spokesman for the Ohio Department of Administrative Services, said no data were accessed or compromised as far as could be determined. Technicians were scanning websites Monday.
However, state officials should by no means assume the attack is over, said Chris Olson, chief executive officer of the Media Trust, a McLean, Virginia, company that provides cybersecurity for more than 500 publishers, ad networks, exchanges, agencies and corporations.
"They need to prepare themselves for the future," Olson said about cyberattacks. "It's not 'if,' it's 'when.'"
"What's scarier is that the bad guys did have access and could be doing something more serious like putting in invisible malware," Olson said. "Very often we see companies that believe they have cleared up the issue but it comes back a day, a week or a month later."
State officials aren't publicly discussing how the attack on the websites happened, but Olson said it typically occurs when hackers access codes from within the website, or by hacking codes from third parties on state sites. He said access can be thwarted by ongoing scanning of codes on government sites, but that apparently was not being done.
The defacement is being investigated by the FBI and the U.S. Department of Homeland Security in coordination with the Ohio Department of Public Safety, said State Highway Patrol, Sgt. Tiffany Meeks.
The affected websites included those for first lady Karen Kasich, Lt. Gov. Mary Taylor, the inspector general, the Department of Medicaid, the Casino Control Commission, LeanOhio, the Office of Workforce Transformation, the Office of Health Transformation and the Department of Rehabilitation and Correction.
The pages were replaced with a message stating "You will be held accountable Trump, you and all your people for every drop of blood flowing in Muslim countries."
"I Love Islamic State," it said.
Emmalee Kalmbach, Gov. Kasich's press secretary, provided a statement: "As soon as we were notified of the situation, we immediately began to correct it and will continue to monitor until fully resolved."
Ohio Treasurer Josh Mandel, a Republican candidate for the U.S. Senate in 2018, posted a screenshot of the hacked Department of Rehabilitation and Correction website to his social media pages Sunday shortly after the cyberattacks.
"Wake up freedom-loving Americans," Mandel said on his Facebook page. "Radical Islam infiltrating the heartland."
©2017 The Columbus Dispatch (Columbus, Ohio) Distributed by Tribune Content Agency, LLC.
