News

Attention: the page of NEFU Rector has been hacked

  • 11 August 2015
  • 780

Attention: the page of NEFU Rector has been hacked

The website of North-Eastern Federal University has been hacked. On the night of 8 to 9 August at 00:30 a.m. (Yakutsk time), the IP-addresses registered in San Francisco and Kansas City (USA), have hacked the section "Rector’s Column" in the English and Russian languages. According to NEFU IT Department, hackers used SQL injection into 1C-Bitrix, on which the site of the university was developed.

The page “Rector’s Column" is the most popular in the scientific and educational environment both nationwide and worldwide. The fact that the page is popular is report of Evgenia Mikhailova "First Five Years of NEFU Development 2010-2014" in Russian, which has been visited more than 5500 times, the English version - more than 4 thousand times.

Programmers of the University quickly resolved the incident. According to the employees of NEFU Department for corporate site development, the attempts to hack the official website of the university increased recently.

The website of North-Eastern Federal University has versions in five languages: Russian, Yakut, English, Korean and Chinese, including version for the visually impaired.

Reference:

SQL injection is a way to hack websites and programs, working with databases, based on the injection of SQL- arbitrary code into query.

The injection of SQL, depending on the type of database and the injections conditions, may allow an attacker to execute arbitrary query to the database (for example, to read the contents of any tables, delete, edit or add data), to be able to read or write local files and execute arbitrary commands on the server under attack.

Author: NEFU IT Department

Copying of articles is allowed only if there is an active (clickable) link to the source page of North-Eastern Federal University. Link must be directly next to the material, must be visible and direct (without using the java-scripts).