Tweets by @Stanford_Daily

RT @StanfordSports: PSA: student tickets are now available to be claimed for Saturday's matchup against USC: 2 hours ago, The Stanford Daily
RT @StanfordSports: Our recap of Stanford's 45-0 win. Key takeways: McCaffrey has a bright future and the O-line still needs to gel http://…: 3 days ago, The Stanford Daily
RT @StanfordSports: And that's the ballgame. Stanford routs UC-Davis 45-0.: 3 days ago, The Stanford Daily
Suspect "described as a white male adult, in his 30's, approx. 5' 7" and 140 lbs., fit build with short brown hair and wearing black shorts": 4 days ago, The Stanford Daily
Alert: "A female adult reported that she was...struck from behind with an unknown object that she believed to be a stick.": 4 days ago, The Stanford Daily
AlertSU system reporting a physical assault nearby Palm Drive and Campus Drive at 9:11 p.m.: 4 days ago, The Stanford Daily

Hackers target student group websites

Several Stanford websites were taken offline May 9 after being targeted by hackers looking to sell cheap software. The affected sites, currently offline and inaccessible, are those for the Stanford Concert Network, the Green Alliance for Innovative Action and the ASSU.

According to Rowan Chakoumakos ’13, chief technical officer for Stanford Student Enterprises (SSE), the Stanford Information Security Office (ISO) generally handles issues related to the University’s network security.

“Since the webmasters of the respective sites did not remove the content in the designated time set by the Stanford Information Security Office, the websites were taken offline,” Chakoumakos wrote in an email to The Daily.

The main University website was unaffected.

Tina Darmohray, Stanford’s chief information security officer, said the ISO alerted SSE after the initial intrusion, based on the contact information attached to the machine.

“We could chuck out a very short-term patch, but what we want to do is go in and implement a more long-term solution,” said ASSU Vice President Stewart Macgregor-Dennis ’13.

He added that the main ASSU website will likely be down until a comprehensive update is implemented during the summer. However, several critical functionalities have been restored, namely the Old Union room reservation system, bookings for the ASSU airport shuttle and the SSE website. With those services online, Macgregor-Dennis predicted that keeping the main website down would have a “marginal” impact on ASSU operations.

“Because of a lack of investment in security in the ASSU websites and servers, we need to go back to some of the basics and look at the actual server software that’s on there,” Macgregor-Dennis said. “If we tried to just fix it straightaway, then someone would just hack it again within a few hours.”

The hackers targeted Stanford and other high-profile websites, including websites for NASA, Syracuse University and Northeastern University. These efforts were part of an attempt to “flog,” or sell, cheap versions of Adobe’s Creative Suite and other software products. The scammers filled the pages with nonsense text and links to other hacked pages.

“Black hat SEOs [search engine optimizers] were simply trying to insert links to improve search engine results for a website,” Chakoumakos said. “Both .edu and .gov domains are commonly targeted due to the high ‘Page Rank’ assigned to them by Google.”