A group of students, acting under the pseudonym ‘Guild of Pirates’, claim to have gained access to the Guild’s sensitive data this week.
To substantiate their claims, the group released a copy of this year’s Gradball ticket through their Twitter account @GuildofPirates, taunting: ‘We’ve got our Gradball ticket, have you?’ On Monday, April 27th, the group released another tweet under the hashtag #SecureTheGuild, purporting to have gained control over the Guild’s email server. This enabled them to send their open letter to all staff within the organisation seemingly from the CEO’s account
The letter, available in full at the Guild of Pirates’ website (http://ift.tt/1QPK3qw), alleges that ‘YOUR Guild of Students is failing you’ as it, ‘fails to protect its sensitive data and services.’ Their website, outlining the group’s motives and intentions, explains that the Guild’s IT infrastructure is relatively open to infiltration and accessible to anybody with a laptop, due to the widespread use of simple default passwords and ‘just plain negligence’.
In addition, they have issued an ultimatum warning that they will release the line up of this year’s Gradball should enough people follow their Twitter account before the Guild has taken sufficient action.
The group’s reasoning for conducting this activity follows a proposed motion, GC.2.15.8i, submitted to Guild Council in February. The motion states that the Vice President of Democracy, Resources and Sustainability, Bethan Dovey, is to report back to the Guild’s democratic body with an outline of the organisation’s data backup and network security policies. The need for this review is explained by the fact that the Guild holds numerous personal details of student staff and society members such as addresses, bank details, national insurance numbers and telephone numbers.
Branding Guild Council as ‘needlessly bureaucratic and tedious,’ the hackers maintain that they have no intention of reading the files or emails of any account on the Guild’s network and that their primary motive is to encourage the Guild to bolster its security.
Katie, a first year English and History student, said that the group ‘Don’t seem particularly malicious.’ However, she is ‘still concerned’ that her personal information could be accessed so easily, ‘It doesn’t fill me with much confidence that my personal details can be out in the open like that.’ Niall, a second year English Literature student, wonders ‘what a larger, more malicious organisation of hackers could do if it was so easy for a small group of students.’
The Guild has not yet been able to provide Redbrick with a comment. Meanwhile, the hacktivists, claiming to be a group of ‘concerned students’, are expected to release further information every few days until the Guild secures its systems.
Source: http://ift.tt/1bGX8Cb
from cyber security caucus http://ift.tt/1QPK5i1
via IFTTT
No comments:
Post a Comment