Brandon Twp.- The township website receives plenty of hits each day.
However at least one visitor to www.brandontownship.us proved to be unwanted
Township Supervisor Kathy Thurman said the password protected website was hacked into sometime during the weekend. Site users reported the message to the township and area media.
‘Even the employees have limited access to the site,? she said. ‘We can upload the registration form for the recreation department or information items for the community. We changed the security code about three or four weeks ago.?
On the site was: ‘Hy admin: Your site has been hacked by me! Because we love you and just want to warn you that you web still has large vulnerability. Dear admin, this was not a joke or dream, this is f.***ing..reality at last, we’re from Indonesia, we are good people. Thanks, Kubucyber team.?
James Ellis, owner of Ortonville-based Brandon Computer Services, is the township’s webmaster. He was contacted Monday following the breach.
‘People search the internet for sites they know the can take advantage and exploit. A lot of people just hack for the fun of it.?
Later on Monday Ellis was still trying to track down information as to where and how the site was hacked.
‘By no means was anyone associated with the township involved. This was no more than a random act from someone who knew what they were doing. This site and sites like the Brandon Township site have no access to township files. All the hacker managed to do was to access a file with a directory on it.?
Ellis said sites that are often compromised are those with lower security information. Sites with information such as tax payments, payroll or bank information are on the higher security machines.
‘The text claimed they were from another country. The most we can do is look for an IP address,? he said.
An Internet Protocol address (IP address) is a numerical label assigned to each device (e.g., computer, printer) participating in a computer network that uses the Internet Protocol for communication.
‘In this case, I’ll block out the whole IP address. There is really nothing high profile here, not like a major company like a bank or business.?