A group identifying itself as the “Indonesian Cyber Freedom Hackers” hacked USF St. Petersburg’s website on Jan 23.
Website administrators disabled the site within minutes, and it was soon restored to normal operations.
The Crow’s Nest spoke to Jacob Diaz, the dean of students, and Jessica Blais, director of communications for USFSP’s university advancement.
“Cyber security is top of mind for us,” Blais said. “As these things occur, we correct them as soon as we possibly can.”
Diaz confirmed last week’s Crow’s Nest report and said the university’s website was not specifically targeted. The hackers use software to search for website vulnerabilities. When they find a vulnerability, they hack into the site.
Blais and Diaz did not know what the vulnerability in usfsp.edu was that caused the hackers to gain access.
Last week, The Crow’s Nest spoke to Vincent Lynch, a technical support member at the SSL Store, headquartered in downtown St. Petersburg. Lynch said the vulnerability in the website could be the result of USFSP using an outdated version of WordPress.
Diaz said the computing office was able to shut the hack down quickly because of their attention to the site.
“Our computing office is always monitoring your institutional well being,” he said.
Diaz expressed concern that news of the hack would cause curious students to visit the hacker’s website, incef-team.com, and experience damage to their computers. He discourages students from visiting the website.
But Lynch said it was unlikely the hacker’s website had any malicious content on it. Reports from Google’s Safe Browsing tool and Sucuri’s website malware and security scanner showed that the website has been free of malicious content for the past 90 days.
“It certainly is possible that the hackers could change this at any time,” Lynch said. “However, I don’t think this is a reasonable assumption to make.”
He added that Google and the Chrome browser are good about blocking malicious content from users.