Several Stanford websites were taken offline May 9 after being targeted by hackers looking to sell cheap software. The affected sites, currently offline and inaccessible, are those for the Stanford Concert Network, the Green Alliance for Innovative Action and the ASSU.
According to Rowan Chakoumakos ’13, chief technical officer for Stanford Student Enterprises (SSE), the Stanford Information Security Office (ISO) generally handles issues related to the University’s network security.
“Since the webmasters of the respective sites did not remove the content in the designated time set by the Stanford Information Security Office, the websites were taken offline,” Chakoumakos wrote in an email to The Daily.
The main University website was unaffected.
Tina Darmohray, Stanford’s chief information security officer, said the ISO alerted SSE after the initial intrusion, based on the contact information attached to the machine.
“We could chuck out a very short-term patch, but what we want to do is go in and implement a more long-term solution,” said ASSU Vice President Stewart Macgregor-Dennis ’13.
He added that the main ASSU website will likely be down until a comprehensive update is implemented during the summer. However, several critical functionalities have been restored, namely the Old Union room reservation system, bookings for the ASSU airport shuttle and the SSE website. With those services online, Macgregor-Dennis predicted that keeping the main website down would have a “marginal” impact on ASSU operations.
“Because of a lack of investment in security in the ASSU websites and servers, we need to go back to some of the basics and look at the actual server software that’s on there,” Macgregor-Dennis said. “If we tried to just fix it straightaway, then someone would just hack it again within a few hours.”
The hackers targeted Stanford and other high-profile websites, including websites for NASA, Syracuse University and Northeastern University. These efforts were part of an attempt to “flog,” or sell, cheap versions of Adobe’s Creative Suite and other software products. The scammers filled the pages with nonsense text and links to other hacked pages.
“Black hat SEOs [search engine optimizers] were simply trying to insert links to improve search engine results for a website,” Chakoumakos said. “Both .edu and .gov domains are commonly targeted due to the high ‘Page Rank’ assigned to them by Google.”