Portsmouth website hacked by '˜Islamic State'

A cyber criminal claiming to be from Islamic State hacked into a Portsmouth website

Star and Crescent, a Portsmouth-based site, suffered an attack where its posts were replaced with a message from the purported hacker.

The ‘independent news, culture and commentary’ website is now back up and running.

Sarah Cheverton and Tom Sykes, who run the site, have declined to comment.

But during the attack they posted on their Facebook page explaining what happened.

They said: ‘Once again, we seem to have made some enemies.

‘Our website has been hacked by self-professed IS hackers. While we work on that, remember you can also follow us on Twitter! We’ll keep you updated.’

The website was reinstated briefly but went down again the next day.

Posts on the Star and Crescent Facebook page

‘We’re down again but striving to get operational ASAP, so please bear with us,’ said Star & Crescent on Facebook.

‘You’ll see that the hacker – whoever she/he is – has been messaging our FB page.’

Posting on the page, the purported hacker said: ‘Yes We Hack Our Site hhhhhhhhhhh.’

He added: ‘I am the hacker.. and i will hack the site Again .. lol’.

A Hampshire police spokeswoman said: ‘We’ve had a report on March 29 that a company website by the name of Star and Crescent had been hacked by someone purporting to be related to Islamic State.’

She added they gave advice to the victim and urged them to contact Action Fraud.

Separately, Strong Island Media said its website was hacked last month.

Since then Paul Gonella, one of the directors, installed software that has shown hundreds of hacking attempts are made each month.

He said: ‘There’s still thing in there that we’re trying to track down.

‘For the website is critical really, people visit the Strong Island website and when Google detects the malware it flags it up as red and tells people not to visit.’

The malware installed encouraged people to visit other websites.

ADVICE FROM THINKMARBLE, A CYBER SECURITY FIRM IN WHITELEY

n Don’t reuse passwords.

n Make sure your passwords are at least 10 characters long and don’t write them down. Consider using password managers.

n Be aware of phishing attacks. Never trust a company that asks you to enter your password outside of the familiar website login screen.

n Be careful about what you download. If you don’t trust the website or don’t remember downloading it, do not open it.

n Don’t ignore SSL certificate warnings on important sites such as banks, email providers and your own site.

n If you have a website, make sure that your passwords with your hosting provider, the site backend and any databases are secure.

n Make sure all people involved in the building and maintenance of your website are familiar with internet security.

n Always give appropriate access levels to staff based on their needs. The more people with high level clearance increases the chances of a successful attack.

n Update your website to avoid hacks.

n Keep regular offsite backups of your website and database. It won’t prevent hacks, but will help reduce the effects.

Advice from Andy Miles CEO of ThinkMarble, winner of The News Business Excellence Award for Start-Up of the Year. See thinkmarble.co.uk