AMS website infected with virus

Queen’s ups cyber security while student government site cleansed of Ukrainian hack 

The AMS website displayed a potential hacking warning most of Wednesday and Thursday.
On Jan. 18, an anonymous hack originating in the Ukraine was successful in infecting virus information into the AMS website, at myams.org. 
 
The hack was confirmed by AMS Director of Information and Technology Michael Judd during a phone call with The Journal on Thursday afternoon. “They were successful in, not getting onto the site, but putting something into the site,” Judd explained.
 
While he often gets notifications from their security system that a hacking attempt was made, all the other attempts he’s aware of have been unsuccessful prior to Wednesday. 
 
“I don’t think it was any kind of personal attack,” he added. “I think it was some kind of hacker that just infects websites with whatever they can.” 
 
The AMS website was the sole platform affected, as their internal information servers are hosted separately by Queen’s. The website has its own security plan through the AMS’s content management system, meaning any information saved onto the student government servers remained protected. 
 
Judd believes the intended outcome of the hack was to place a link of sorts on the AMS site, which would re-locate users to another page with the capacity to steal user information. 
 
“Nothing too harmful for the average user, but just kind of annoying to have on a website,” he said. “We’ve hired someone to fix it and hopefully it will be all clean and ready for, hopefully, today ... I guess I’ll get a report soon.” 
After the hack was noted, the AMS site underwent a backup, which would have re-directed users to a Wordpress page during a window of time on Wednesday afternoon. 
 
Queen’s own servers, which host the AMS documents and information that remained unaffected by the hack, have been upping their cyber security this week. 
 
On Jan. 16, an email was sent out to the university community from Chief Information Officer and Associate 
Vice-Principal (Information Technology Services) Bo Wandschneider. 
 
“Concerns about cybersecurity are mounting across the country, and like other institutions, Queen’s is taking steps to mitigate risks,” it read. 
 
“Effective today, all Queen’s students and employees will be required to update their NetID password annually.” 
Individuals failing to change their password within the allotted timeframe will be locked out of their accounts, needing to change the password to regain access with a delay of up to 30 minutes. 

When commenting, be considerate and respectful of writers and fellow commenters. Try to stay on topic. Spam and comments that are hateful or discriminatory will be deleted. Our full commenting policy can be read here.