Feeds

Blizzard of smut cuts off Council websites

From Wittering to ogling, and beyond

High performance access to file storage

But what of West Wittering? As villages go, it is one of those quintessentially English places, boasting a combination of sandy beaches and ancient monuments: a Parish Church whose oldest bits were laid down in the 12th century, and rock guitarist Keith Richards, about whose older bits it may be wiser not to speculate.

Their website appeared to contain an entire directory given over to "discussion" of topics such as growing cannabis and "hot babes" – not, we suspect, a reference to climate change. Briefly, we toyed with the idea of some Ealing Comedy-style denouement: a local parish councillor, bored by endless rounds of WI jam-making, finally gone over to the dark side.

Far more seriously, the lead link turned up by Google claims to take the viewer on to child porn - in fact, having looked at one of the less explicit (adult) links, we suspect that clicking on it could well have popped up indecent material immediately.

We reported the matter to the Clerk to the Parish Council, Mrs Brown, who declared herself "horrified" and, after consultation with her Chairman, arranged for the site to be taken down straight away. The Chairman of West Wittering Parish Council added: "We had no idea that such material was on our site, and have acted immediately the matter was brought to our attention."

We also raised the matter with the IWF, who felt, as the site is now down, that there was little more they can do.

Councillor Bill Hinds, lead member for customer and support services at Salford City Council said it was investigating how the link spamming had gone undetected on its site.

"We empower community groups to have their own sites and as a means to develop their web skills," he added. "However, we need to ensure that we are continually moderating them. We will now be reviewing our policies and procedures to minimise the risk of this happening again."

This episode illustrates two issues that are likely to become more prominent over the next few years. First, this went beyond simple spamming. Someone had made use of an onsite exploit – possibly via their contact form – to gain access to their server and set up a directory and chat forum that would be invisible to the public, and act as host to a series of links to other material.

If some of the forum counts are to be believed, these posts – over 1,000 related to porn alone - were being actively browsed. West Wittering’s innocuous little website had been infiltrated and was now host to an international porn business.

Why? Because as filtering becomes cleverer, those behind such business have almost certainly calculated that sheltering behind a ".gov.uk" designation may keep them safer for longer than if they stay public.

Expect more such infiltrations in future. As for the websites concerned, our sympathies go out to West Wittering – although we wonder why even a humble Parish Council did not have in place the simple security measures that would have blocked such a takeover. The same applies to other sites, but much more so.

Worcestershire appears to have been compromised over a fortnight ago – yet no one in their IT department has yet noticed. Salford appears to be hosting well over 1,000 porn-related links, as aforementioned. Again, no one in their IT seems to have noticed.

No doubt these weaknesses will now be fixed, but it would be surprising indeed if other councils do not fall prey throughout the year. ®

High performance access to file storage

More from The Register

next story
Android engineer: We DIDN'T copy Apple OR follow Samsung's orders
Veep testifies for Samsung during Apple patent trial
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Big Content goes after Kim Dotcom
Six studios sling sueballs at dead download destination
Alphadex fires back at British Gas with overcharging allegation
Brit colo outfit says it paid for 347KVA, has been charged for 1940KVA
Jack the RIPA: Blighty cops ignore law, retain innocents' comms data
Prime minister: Nothing to see here, go about your business
Singapore decides 'three strikes' laws are too intrusive
When even a prurient island nation thinks an idea is dodgy it has problems
Banks slap Olympus with £160 MEEELLION lawsuit
Scandal hit camera maker just can't shake off its past
France bans managers from contacting workers outside business hours
«Email? Mais non ... il est plus tard que six heures du soir!»
Reprieve for Weev: Court disowns AT&T hacker's conviction
Appeals court strikes down landmark sentence
US taxman blows Win XP deadline, must now spend millions on custom support
Gov't IT likened to 'a Model T with a lot of things on top of it'
prev story

Whitepapers

Mainstay ROI - Does application security pay?
In this whitepaper learn how you and your enterprise might benefit from better software security.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Mobile application security study
Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.