The US Department of Homeland Security's website for Iowa has been defaced by hackers.
Spokesperson Lucinda Robertson told the Des Moines Register that no sensitive information was compromised within the Division of Homeland Security and Emergency Management, but the website was inaccessible while a forensic examination was conducted to determine how the breach occurred.
The Iowa Division of Homeland Security and Emergency Management oversees the state's response to floods, tornadoes and other disasters. It also prepares Iowans to respond to terrorism. The agency's website includes information about training sessions, grant programs, administrative rules and other efforts. Information is also provided for county emergency management coordinators.
The Des Moines Register also claimed that state websites for veterans and for individual and family emergency preparedness were also compromised.
Amichai Shulman, Imperva's chief technology officer, claimed that the attack sends out a strong message on security spend, as although there is clearly a balance that needs to be struck in all organisations in terms of security expenditure and its return on investment, the high profile status of the Department of Homeland Security means that the website should not be vulnerable to hacker defacements.
He said: "Although it's fair to say that no IT resource can ever be 100 per cent protected against all types of attacks, the fact that this hack apparently stems from a misconfigured script or server settings is sending out all the wrong messages to businesses and hackers alike.
"As if this wasn't bad enough, the statements by officials also seem to be at odds with each other. On the one hand we have a state spokesperson saying no real damage was done, and on the other we have another set of people trying to justify the need for another layer of government employees when the existing staff resources could do the IT defence job just as well - or not, as in this case."