Hackers infiltrate seventeen sites over spring break

This story was originally published in the Mar. 30 print issue.

As students were leaving for spring break, hackers infiltrated a slew of Mason websites, causing disruption by defacing websites.

Marilyn T. Smith, vice president for Information Technology and Chief Information Officer, said a group of hackers targeted some websites on one particular server. She continued that these hackers attacked and defaced seventeen websites which were subsidiary websites or tertiary websites to the gmu.edu website. They didn’t attack the gmu.edu website, but they did attack and deface other websites that were accessible through it, she said.

“It happened on [Friday, March 6, and] we found it right away, and we restored the full website and all the functionality by ten o’clock on Saturday morning. We had people work all night,” Smith said.

According to Smith, unlike the cyberattacks that have previously occurred on Mason’s website, this attack was purely for disruption of business.

“They claimed responsibility for it right on the website, so they were clearly trying to send a message and wanted people to know who they were,” Smith said.

Smith said the reason hackers attacked Mason’s website, and university websites in general, is that so many people visit college and university websites. She continued that she didn’t want to speak for the hackers, but that they tend to pick universities that are well-known.

“Actually, it’s a compliment to Mason. It’s a pro and a con,” Smith said. “They would want to pick a university because many people go and look at university websites, particularly around this time of the year because of admissions, etc.”

To keep attacks like this from happening again, Smith said Information Technology Services has been working for a number of months to strengthen Mason’s infrastructure against attacks and to increase security awareness education throughout the university. Smith said, for example, university employees, including student wage employees, now need two passwords to log in to Patriot Web.

“We’re working on a number of different security projects to strengthen our internal environment, and also [if] you go onto the Patriot Web you will see that we have a process in place for phishing attacks,” Smith said.

Dictionary.com defines phishing as a cyberattack that hackers use to try to obtain financial or other confidential information from internet users, usually by sending an email with a fake link from a legitimate-looking website.

She said that students should be aware that anytime they are asked for any kind of identity or personal information, it may be a phishing attack, so they should verify and validate where the email ID is from. In fact, she said, don’t give any of your personal information over the web or in response to any email. She continued that if there is a phishing attack, a student, faculty or staff member can call the support center for help and they will go right into the email and look for other people that may have been targeted by the same phishing attack. ITS then sends a notice to all of the affected parties saying there was a phishing attack and to please be careful because those affected parties could be targeted.

Jean-Pierre Auffret, director of the executive degree programs in the School of Business, said in an email that Mason has been a leader in cybersecurity development for the last 25 years, starting with the establishment of the Center for Secure Information Systems in 1990. He continued that Mason has had an impact from research to practice in bringing new cybersecurity technologies to the marketplace and in cybersecurity education.

In recent years, cyber warfare has been considered a serious threat by some U.S. officials. Auffret agreed, but thinks the U.S. still has a long way to go in terms of development and research.

“Protecting networks and systems is an important national security issue given our reliance on networks and information technology, [but] I think the U.S. has a ways to go on developing a good framework for thinking about cybersecurity in the foreign policy context,” Auffret said. “For example, there is the challenge of attribution (identifying who has undertaken an attack) and also calibrating and deciding upon a response in light of the range of bilateral issues we might have with a country.”

Auffret said that cyberattacks don’t just happen to companies like Target, but that the average person can be affected.

“I think that [cybersecurity] should be a priority for everyone – given the risk of identity theft and fraud on a personal level. [There are also] risks to organizations where someone works or organizations they belong to on an institutional level,” Auffret said.

Smith agreed and said that cybersecurity is important to all sorts of groups and people and that it is an ever-changing entity.

“Cybersecurity is critical because hackers are becoming more and more sophisticated, and they are out after a number of different things,” Smith said. “It is really important that we strengthen our cybersecurity environment, and we keep up with what’s going on in the world of cybersecurity.”

Photo Credit: Songjun Deng