When Saint Louis University students checked their SLU e-mail account on Sept. 4, they found a puzzling message from one “Gregg Ortega,” with subject header “rung,” and a message consisting of simply “oshkosh.”
As soon as administrators realized the system had been hacked, forensic investigations into what and who was responsible for it began immediately.
Though some students responded to the cryptic e-mail, the fact that it was in their mailbox at all demonstrated something far more problematic, since only those with specific authorization are supposed to be allowed access to the SLU student listserv.
“The listservs are pretty carefully controlled and locked down,” said Ellen Watson, vice president of SLU’s information and technology services. “We’re still investigating why this one was vulnerable and what tools people used to get access to [it].”
A listserv is a “convenience device . to let you send a single message to a group of people,” Watson said.
According to Watson, when anyone usually attempts to use the general SLU listserv without the necessary credentials, the intrusion is reported to ITS instead of being accessed. Representatives then investigate the source of the failed e-mail and try to determine why the person in question was attempting to message the entire student body.
Watson did not know exactly what the hacker’s motives were.
“It’s almost impossible to assign motives when you don’t know [the hacker] and don’t have anymore details than just [one] e-mail,” she said.
Even more troubling was a derogatory list of 14 SLU students the hacker put on a list of “people who suck.” The inclusion of current SLU students’ names led Watson to believe that whoever was responsible is either a member of the SLU community presently, or was at one point.
Dean of Students Scott Smith contacted the students whose names appeared on the e-mail to offer assistance, show support and apologize for the incident.
“This is not what it means to be part of the SLU community,” he said.
Watson and Smith are currently working with Vice President of Student Development Kent Porterfield, Ed.D., to determine what path they will take to handle the incident.
“We’re still completely in the investigation phase,” Smith said, encouraging anyone with any information to come forward.
In the meantime, Watson said that investigations will continue to determine who the culprit was and how they managed to bypass the carefully devised security measures, in order to correct any similar vulnerability in other listservs. The listserv in question has been shut down pending further inquiries.