10/23/2014

websites of flemish schools can easily be hacked (on tv) because they are not secured

On VTM there was a documentary how youths were hacking servers from their schools to change their results and other notes. The teachers themselves were overwhelmed because they have hardly dedicated ITstaff and they can't keep up with the necessary Itsecurity budgets and tasks. The minister was talking about awareness and blablablablabla

The advantage of this documentary is that the hacker was better protected  than on the VRT in which you could see his face clearly. As he is protected he is a source and as a source the police will find it very difficult to get his name - except if he left somewhere a trace to his own IP address (that is why it should have been done through an IP address of a computer from the Mediafirm).

Secondly VTM said several times during the documentary that this was illegal and that students could go to jail for a few years if they do it again after their first conviction and that it was in fact very dangerous. But at the other time it presented hacking as something very easy. You only had to download some programs and than you attack the site of your school. It looks easy but if you want to erase all your traces to not get caught if somebody files a complaint, than it takes a lot of time and preparation.

Schools do not have at present safe platforms for a number of schools that are managed by professionals. Only these platforms have the scale and the resources to keep the individual sites from being hacked. A cert with a few people for all the schools wouldn't be bad either. They could notify a school then their site is hacked or send practical information out if a patch is necessary and so on.

Secondly schools need to know which information shouldn't be on the web or the network if it ain't worth the risk and they don't have the money to protect it. This is just a very healthy cheap principle. It is maybe not as easy but it is safe and secure and that is what is important.

Third double authentification is the future, the time of passwords is over. There are 1 billion passwords to download on the internet so passwords have no security anymore as a security.

Permalink | |  Print |  Facebook | | | | Pin it! |

The comments are closed.