Attackers Deface Monash University Website

April 18, 2011 - PRLog -- Recently, Monash University website suffered security breach. Attackers defaced the site and placed the map of Iran embedded with the country's flag. The attacker has identified himself as yaser007. The Australia-based University has sought the services of specialist agencies. Information security professionals have restored the site and are investigating the security breach incident. Preliminary investigations suggest that no data has been breached in the attack. The incident also reportedly affected the webpages of University library and Faculty of Engineering. The University has notified students through e-mail.
Attackers frequently target websites to gain access to confidential information contained in associated databases. Websites are also targeted by protestors loyal to rival countries. In the latest attack on Monash University, attackers allegedly used several resources including those of universities based in United States (US) and United Kingdom (UK). The University is coordinating with other institutions, whose resources have been used in the attack.  

University websites are frequently targeted by attackers as associated databases of the sites contain information such as names, dates of birth, mailing addresses, courses pursued and enrolment numbers related to students, faculty and administrative staff. The extracted information could be used for impersonation, applying for fraudulent student loans or may be sold in the underground crime market. Websites are vulnerable to intrusion, SQL injection, cross-site scripting and distributed denial-of-service attacks among others. Attackers scan and identify security flaws on websites to inject malicious code or redirect visitors to fake websites. Training sessions, online IT degree programs and seminars may help IT professionals in keeping themselves abreast of latest threats, website security and data protection mechanisms.

Regular in-depth evaluation of websites through professionals qualified in IT degree programs, secured programming and penetration testing could help in exterminating weaknesses and security flaws. The University has sought a detailed report of the security incident from professionals investigating the incident. The suggestions made would be considered by the University Council Audit and Risk Committee to streamline security.

Internet-based threats require proactive action. Organizations must acquaint employees on online threats through e-learning programs, online IT courses and huddle sessions to improve IT security practices and reduce threat vectors.

Contact Press

EC-Council
Website: http://www.eccuni.us
Email:  iclass@eccouncil.org
Tel:  505-341-3228

EC-Council University is based in Albuquerque, New Mexico and offers Master of Security Science (MSS) degree to students from various backgrounds such as graduates, IT Professionals, and military students amongst several others. The MSS is offered as a 100% online degree program and allows EC-Council University to reach students from not only the United States, but from all around the world.

EC-Council is a member-based organization that certifies individuals in cybersecurity and e-commerce skills. It is the owner and developer of 16 security certifications, including Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (CHFI) and EC-Council Certified Security Analyst (ECSA)/License Penetration Tester (LPT). Its certificate programs are offered in over 60 countries around the world.

EC-Council has trained over 80,000 individuals and certified more than 30,000 members, through more than 450 training partners globally. These certifications are recognized worldwide and have received endorsements from various government agencies including the U.S. federal government via the Montgomery GI Bill, Department of Defense via DoD 8570.01-M, National Security Agency (NSA) and the Committee on National Security Systems (CNSS). EC-Council also operates the global series of Hacker Halted security conferences.

# # #

iClass is EC- Council's online training delivery platform. Students can attend live, or recorded training sessions for courses such as Certified Ethical Hacker (CEH), Certified Security Analyst (ECSA) or Computer Hacking Forensic Investigator (CHFI).