Bristol bus timetable website has been attacked by a group calling itself “Darkshadow”.
The “Arab Security Team” attacked TravelWest’s website on New Year’s Day and the website, controlled by four councils including Bristol, South Gloucestershire and North Somerset, has managed to regain control today.
Julia Dean, communication officer for WEP, told the Bristol Post that it is “working on getting the website fixed as quickly as possible”. The website was replaced with a black screen with white Arabic and English words, links to the group’s Facebook page and an email address. The TravelWest website usually provides locals with information about train and bus times in and around Bristol.
At the time of writing, the Google result for TravelWest still showed the imprint of the attack, some three hours after control was seized back. A comment request via email had not been received by IT Security Guru at the time of publication.
Security researcher Tom Cross told IT Security Guru that he doubted that this was the first step into a network, as if it were they wouldn’t have defaced the website and called attention to themselves.
He said: “There are marginally skilled people all over the world who hack into low hanging fruit websites in order to post political defacements promoting radical causes of every imaginable variety. Small civic websites operated by local Governments are frequent targets because local Governments don’t have the IT budgets and skillsets needed to adequately protect themselves, but the hackers get to feel like they struck a blow against official authorities.
Cross suggested that local Governments could benefit from IT security assistance from more centralised Government agencies that have better resources. “Ultimately, these defacements are of little consequence, but one imagines that local authorities may have computer systems that contain more sensitive information. Every small town is on its own trying to figure this stuff out,” he said.
