Feeds

Blizzard of smut cuts off Council websites

From Wittering to ogling, and beyond

Gartner critical capabilities for enterprise endpoint backup

But what of West Wittering? As villages go, it is one of those quintessentially English places, boasting a combination of sandy beaches and ancient monuments: a Parish Church whose oldest bits were laid down in the 12th century, and rock guitarist Keith Richards, about whose older bits it may be wiser not to speculate.

Their website appeared to contain an entire directory given over to "discussion" of topics such as growing cannabis and "hot babes" – not, we suspect, a reference to climate change. Briefly, we toyed with the idea of some Ealing Comedy-style denouement: a local parish councillor, bored by endless rounds of WI jam-making, finally gone over to the dark side.

Far more seriously, the lead link turned up by Google claims to take the viewer on to child porn - in fact, having looked at one of the less explicit (adult) links, we suspect that clicking on it could well have popped up indecent material immediately.

We reported the matter to the Clerk to the Parish Council, Mrs Brown, who declared herself "horrified" and, after consultation with her Chairman, arranged for the site to be taken down straight away. The Chairman of West Wittering Parish Council added: "We had no idea that such material was on our site, and have acted immediately the matter was brought to our attention."

We also raised the matter with the IWF, who felt, as the site is now down, that there was little more they can do.

Councillor Bill Hinds, lead member for customer and support services at Salford City Council said it was investigating how the link spamming had gone undetected on its site.

"We empower community groups to have their own sites and as a means to develop their web skills," he added. "However, we need to ensure that we are continually moderating them. We will now be reviewing our policies and procedures to minimise the risk of this happening again."

This episode illustrates two issues that are likely to become more prominent over the next few years. First, this went beyond simple spamming. Someone had made use of an onsite exploit – possibly via their contact form – to gain access to their server and set up a directory and chat forum that would be invisible to the public, and act as host to a series of links to other material.

If some of the forum counts are to be believed, these posts – over 1,000 related to porn alone - were being actively browsed. West Wittering’s innocuous little website had been infiltrated and was now host to an international porn business.

Why? Because as filtering becomes cleverer, those behind such business have almost certainly calculated that sheltering behind a ".gov.uk" designation may keep them safer for longer than if they stay public.

Expect more such infiltrations in future. As for the websites concerned, our sympathies go out to West Wittering – although we wonder why even a humble Parish Council did not have in place the simple security measures that would have blocked such a takeover. The same applies to other sites, but much more so.

Worcestershire appears to have been compromised over a fortnight ago – yet no one in their IT department has yet noticed. Salford appears to be hosting well over 1,000 porn-related links, as aforementioned. Again, no one in their IT seems to have noticed.

No doubt these weaknesses will now be fixed, but it would be surprising indeed if other councils do not fall prey throughout the year. ®

Gartner critical capabilities for enterprise endpoint backup

More from The Register

next story
'Stop dissing Google or quit': OK, I quit, says Code Club co-founder
And now a message from our sponsors: 'STFU or else'
Ex US cybersecurity czar guilty in child sex abuse website case
Health and Human Services IT security chief headed online to share vile images
Uber, Lyft and cutting corners: The true face of the Sharing Economy
Casual labour and tired ideas = not really web-tastic
Don't even THINK about copyright violation, says Indian state
Pre-emptive arrest for pirates in Karnataka
The police are WRONG: Watching YouTube videos is NOT illegal
And our man Corfield is pretty bloody cross about it
Oz biz regulator discovers shared servers in EPIC FACEPALM
'Not aware' that one IP can hold more than one Website
Apple tried to get a ban on Galaxy, judge said: NO, NO, NO
Judge Koh refuses Samsung ban for the third time
Pedals and wheel in that Google robo-car or it's off the road – Cali DMV
And insists on $5 million insurance per motor against accidents
prev story

Whitepapers

Top 10 endpoint backup mistakes
Avoid the ten endpoint backup mistakes to ensure that your critical corporate data is protected and end user productivity is improved.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Backing up distributed data
Eliminating the redundant use of bandwidth and storage capacity and application consolidation in the modern data center.
The essential guide to IT transformation
ServiceNow discusses three IT transformations that can help CIOs automate IT services to transform IT and the enterprise
Next gen security for virtualised datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.