CyberInsecure.com

Daily cyber threats and internet security news: network security, online safety and latest security alerts
January 18th, 2011

University Of Sydney Website Defaced, Hacker Mocks Admin For Poor Security

The University of Sydney (USyd) called in outside Web security experts after a hacker compromised its website several times and mocked the admin for its poor security. The website was last defaced Friday night with a message claiming that Jie Gao, the university’s UNIX systems administrator, is incapable of securing the web server.

The attacker, who signed himself as EVIL @ EFNET (an IRC network), claimed the site was hacked three times before yet remained insecure. He also bragged about having access to three quarters of the network.

The original message was later updated with a greeting to all University of Sydney students and a request to show support for the Queensland flood victims.

Within a few hours the website got taken offline and a standard, yet ironic, “undergoing scheduled maintenance” message was put up. People who were already discussing the attack on Whirlpool, Australia’s leading forum on Internet issues, made fun of the message since the intervention was clearly forced, not scheduled.

The website remained offline until Sunday, preventing students from accessing some services. The university sent out a notification letter to explain the downtime and promise to provide alternative instructions to access the needed systems if it ever happens again.

“[…] Last week a malicious hacker managed to bypass these mechanisms and accessed the University’s home page and some high level corporate web pages. Much of the University’s website remained untouched and no systems were compromised. No student or financial records were impaired,” USyd Vice-Chancellor and Principal Michael Spence wrote in the email sent to students.

According to the Sydney Morning Herald, the university confirmed that its website was compromised more than once during last week and said that it contracted two leading web security companies to perform the forensic investigation.

Furthermore, the institution has not yet contacted the authorities and refused to say if any employee will be disciplined for the security lapse.

Credit: Softpedia.com News

Share this item with others:

More on CyberInsecure:
  • Phoenix Mars Lander Website Defaced By Script Kiddies
  • Southern Connecticut State University Warns Of Data Breach After Web Defacement
  • InvisionFree.com Hacked And Defaced
  • SSNs Found On Texas A&M Corpus Christi Website, Student Data Exposed
  • Hacker Published Confidential Records Belonging To Six Million Chileans On The Internet

    • Posted in Breaches And Incidents, Cybercrime, Hacked, Targeted Attacks | Print This Post Print This Post

    This entry was posted on Tuesday, January 18th, 2011 at 2:51 pm and is filed under Breaches And Incidents, Cybercrime, Hacked, Targeted Attacks. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

    If you found this information useful, consider linking to it from your own website.
    Just copy and paste the code below into your website (Ctrl+C to copy)
    It will look like this: University Of Sydney Website Defaced, Hacker Mocks Admin For Poor Security

    Leave a Reply

    Comments with unsolicited links to other resources will be marked as spam. DO NOT leave links in comments. Please leave your real email, it wont be published.

    *
    To prove you’re a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.

    « «
    » »