Feeds

Blizzard of smut cuts off Council websites

From Wittering to ogling, and beyond

Build a business case: developing custom apps

But what of West Wittering? As villages go, it is one of those quintessentially English places, boasting a combination of sandy beaches and ancient monuments: a Parish Church whose oldest bits were laid down in the 12th century, and rock guitarist Keith Richards, about whose older bits it may be wiser not to speculate.

Their website appeared to contain an entire directory given over to "discussion" of topics such as growing cannabis and "hot babes" – not, we suspect, a reference to climate change. Briefly, we toyed with the idea of some Ealing Comedy-style denouement: a local parish councillor, bored by endless rounds of WI jam-making, finally gone over to the dark side.

Far more seriously, the lead link turned up by Google claims to take the viewer on to child porn - in fact, having looked at one of the less explicit (adult) links, we suspect that clicking on it could well have popped up indecent material immediately.

We reported the matter to the Clerk to the Parish Council, Mrs Brown, who declared herself "horrified" and, after consultation with her Chairman, arranged for the site to be taken down straight away. The Chairman of West Wittering Parish Council added: "We had no idea that such material was on our site, and have acted immediately the matter was brought to our attention."

We also raised the matter with the IWF, who felt, as the site is now down, that there was little more they can do.

Councillor Bill Hinds, lead member for customer and support services at Salford City Council said it was investigating how the link spamming had gone undetected on its site.

"We empower community groups to have their own sites and as a means to develop their web skills," he added. "However, we need to ensure that we are continually moderating them. We will now be reviewing our policies and procedures to minimise the risk of this happening again."

This episode illustrates two issues that are likely to become more prominent over the next few years. First, this went beyond simple spamming. Someone had made use of an onsite exploit – possibly via their contact form – to gain access to their server and set up a directory and chat forum that would be invisible to the public, and act as host to a series of links to other material.

If some of the forum counts are to be believed, these posts – over 1,000 related to porn alone - were being actively browsed. West Wittering’s innocuous little website had been infiltrated and was now host to an international porn business.

Why? Because as filtering becomes cleverer, those behind such business have almost certainly calculated that sheltering behind a ".gov.uk" designation may keep them safer for longer than if they stay public.

Expect more such infiltrations in future. As for the websites concerned, our sympathies go out to West Wittering – although we wonder why even a humble Parish Council did not have in place the simple security measures that would have blocked such a takeover. The same applies to other sites, but much more so.

Worcestershire appears to have been compromised over a fortnight ago – yet no one in their IT department has yet noticed. Salford appears to be hosting well over 1,000 porn-related links, as aforementioned. Again, no one in their IT seems to have noticed.

No doubt these weaknesses will now be fixed, but it would be surprising indeed if other councils do not fall prey throughout the year. ®

Build a business case: developing custom apps

More from The Register

next story
'Stop dissing Google or quit': OK, I quit, says Code Club co-founder
And now a message from our sponsors: 'STFU or else'
Top beak: UK privacy law may be reconsidered because of social media
Rise of Twitter etc creates 'enormous challenges'
Uber, Lyft and cutting corners: The true face of the Sharing Economy
Casual labour and tired ideas = not really web-tastic
Ex US cybersecurity czar guilty in child sex abuse website case
Health and Human Services IT security chief headed online to share vile images
Don't even THINK about copyright violation, says Indian state
Pre-emptive arrest for pirates in Karnataka
The police are WRONG: Watching YouTube videos is NOT illegal
And our man Corfield is pretty bloody cross about it
Oz biz regulator discovers shared servers in EPIC FACEPALM
'Not aware' that one IP can hold more than one Website
prev story

Whitepapers

Gartner critical capabilities for enterprise endpoint backup
Learn why inSync received the highest overall rating from Druva and is the top choice for the mobile workforce.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Rethinking backup and recovery in the modern data center
Combining intelligence, operational analytics, and automation to enable efficient, data-driven IT organizations using the HP ABR approach.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Next gen security for virtualised datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.