14 DAY TRIAL // The University of Sydney (USyd) called in outside Web security experts after a hacker compromised its website several times and mocked the admin for its poor security.
The website was last defaced Friday night with a message claiming that Jie Gao, the university's UNIX systems administrator, is incapable of securing the web server.
The attacker, who signed himself as EVIL @ EFNET (an IRC network), claimed the site was hacked three times before yet remained insecure. He also bragged about having access to three quarters of the network.
The original message was later updated with a greeting to all University of Sydney students and a request to show support for the Queensland flood victims.
Within a few hours the website got taken offline and a standard, yet ironic, "undergoing scheduled maintenance" message was put up.
People who were already discussing the attack on Whirlpool, Australia's leading forum on Internet issues, made fun of the message since the intervention was clearly forced, not scheduled.
The website remained offline until Sunday, preventing students from accessing some services. The university sent out a notification letter to explain the downtime and promise to provide alternative instructions to access the needed systems if it ever happens again.
"[...] Last week a malicious hacker managed to bypass these mechanisms and accessed the University’s home page and some high level corporate web pages.
"Much of the University’s website remained untouched and no systems were compromised. No student or financial records were impaired," USyd Vice-Chancellor and Principal Michael Spence wrote in the email sent to students.
According to the Sydney Morning Herald, the university confirmed that its website was compromised more than once during last week and said that it contracted two leading web security companies to perform the forensic investigation.
Furthermore, the institution has not yet contacted the authorities and refused to say if any employee will be disciplined for the security lapse.