The popular Italian
Below the translation of message published by the group.
"Dear student / teacher friends, after a few months today we decided to focus our attention on you too :)
We spent searching holes in Italian universities (and not only, we remember that dozens of universities were hacked in 2011), to try to show you that security in the academic environment must be taken seriously since the university is the den of the excellent minds of our future. If the concept of security does not start from our schools, how can we have a better ruling class than the current one? Since our previous attacks did not bring any sense of shame on your part, we decided to let you taste another round, until you are able to admit how is ridiculous your security.
I reached the group to have more information about their operation, they told me that the choice to attack the universities of Basilicata, Napoli and Rome3 was casual.
As for motivation, they confirmed to me they have always had an interest in Italian education. They explained that after 9 years since the first attacks against the universities, nothing has changed from the cyber security perspective.
Two weeks after the hack, one of the universities breached by the group, Uniparthenope, sent a data breach notification via email to the impacted students and teachers. LulzSec ITA told me that the notification attempted to downplay the incident, despite the
The other two universities, “Università
How did LulzSec ITA hack the universities?
In the simplest way, the hackers used a classic and very simple SQL Injection attack. Such kind of attack could be automatically launched by using very simple tools. SQL Injection attacks can allow attackers to access the target database.
It is embarrassing that universities could be hacked with a so simple technique. The
(SecurityAffairs – LulzSec ITA, hacking)
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.