Victoria’s Monash University has acknowledged that its website was briefly broken into on Saturday and replaced with what appeared to be an Iranian flag encased in a geographical map of the country.
On Sunday the university issued a statement noting that the site had been subject to what it described as “an external hacker breach”, although it noted the situation was “quickly identified and dealt with”. “No university data was compromised and the effects was limited to the publishing of non-Monash material on the externally-facing web site,” it said. “It appears that neither Monash, nor the wider Australian Higher Education Community, were a specific target.”
The attack resulted in some users seeing the Iranian image or just the normal version of the university’s website between 12 noon and 2pm on Saturday. It appears this story was broken by the Sydney Morning Herald.
In a further statement issued today (Monday), the university said it was continuing to investigate the hack, and was liaising with other institutions, as well as the Australian Computer Emergency Response Team (AusCERT), with which it had opened communications shortly after the breach happened. “The investigation has identified the source but has yet to identity a specific motive for the breach,” the university wrote.
Monash didn’t appear very worried about the attack. “The university has experienced very infrequent breaches on its web pages over recent years and understands the persistent risks in this area. The frequency of such events has been at the lower end of the expected range,” it said.
“Our CIO has not yet determined whether any changes to Monash web hosting practices will be recommended to University senior management.”
It is unclear as to what avenue of attack the hackers used to break into Monash’s web site, which appears to be running the Apache web server (one of the most popular web server software packages used online) on top of the Linux operating system. “We take the matter of security of all our IT resources very seriously and strive to balance the risks involved with the benefits gained from these resources,” said Monash.
Image credit: Griszka Niewiadomski, royalty free
Having done some web-dev at Monash – (unless it’s changed recently) – it’s an Apache setup…
The Iranian hackers need to speak to Anonymous.
There is no Lolz in the Iranian flag. It it was Paedobear or a rickroll, then there would be lolz/
Comments are closed.