Segue Hacking Done By Foreigners for Fun

Written by Lane Hill

It’s deja vu, all over again. Upperclassmen know that around this time last year, Segue was hacked. Well, it happened again, possibly by people of the same origin. Who would want to mess with SU, a small liberal arts college in Georgetown, anyway?

“We don’t know exactly who. We have not finished our forensics on this. However, afterwards we can get their IP [Internet Protocol; essentially a number used to identify your computer on the internet] numbers, but without the cooperation of their internet service provider, we can’t name a specific person. However, due to the Arabic content of the page, it might be North Africans or Middle Easterners…There was no malevolence…they just wanted to mess with us,” Associate Vice President for Information Technology Services (ITS) Bob Paver said.

However, when was it hacked originally?

“We don’t know the specific time,” Paver said.

While the specific time is not known, there is a ballpark figure: “It was reported by a student in the SLC around noon on October 1st,” Instructional Technologist for ITS Melanie Hoag said.

The damage, however, was not bad. “They only changed the Segue home page. There’s no actual sensitive data. Just account names and possibly your name. No social security numbers or credit card numbers,” Paver said.

“When it was discovered it was hacked, we quickly rolled it back to a previous version. So, some changes made to it during the rollback may have been lost,” Hoag said.

Some people may not accept that they hacked in just to change the front page. However, that is something about the whole “hacker” culture that is often mischaracterized. Some hackers do things just to show they can get in, such as changing the front page of a website. Only the really malicious ones will do things such as steal ID or credit card information.

Other people may not accept that the hackers were North African or Middle Eastern just based on the Arabic content on the new front page. However, hackers in those parts of the world are getting notorious: a group of Turkish hackers recently defaced the Microsoft France website. There was also an AIM rootkit (hidden malicious software that does harmful things to your computer and is very hard to get rid of) recently that was of Middle Eastern origin.

Also, people are probably wondering how Segue was hacked. Segue was written in a language called PHP, an online scripting language used mostly for interacting with online databases (a database is essentially a way to hold information; for instance, all of your information on MySpace or Facebook is in an online database). Sometimes, due to a programmer’s ignorance, exploitable bugs can creep into the code. This time, it was a vulnerability relating to the directory in which themes are stored.

However, the writers of Segue, at Middlebury College in Vermont, were quick to act, releasing a new, patched version the day it was hacked. This patch, however, messed up some graphics. Another patch was released a day later.

A new, globally launched version of Segue was set up on Friday.

If you were worried the hacking of Segue would cause other services of SU to be lost, don’t worry.

“The server that runs Segue only has Segue on it,” Paver said.

Of course, after something like this happens, it’s often good to learn from mistakes. One such mistake was not keeping up a backup server with a backup version of Segue.

“We are going to get a backup server in place. However, due to not having our forensics done, we don’t know what other changes we need to make to make sure this will not happen again,” Paver said.


One Response to Segue Hacking Done By Foreigners for Fun

  1. Very helpful article. Bookmarked for future reference. Thanks a lot! :)
