Ramen worm’ infects student group Web sites

Sara Melillo

More than 40 student group Web sites remained unavailable Monday after hackers tampered with an Associated Student Government Web site over the weekend.

The “Ramen worm” program, which disrupted access to more than 80 student group Web sites, entered the ASG student organization server around 5 p.m. Sunday during a periodic upgrade, said ASG Technology Director Sean Melody.

When students logged on to any site on the studorg.northwestern.edu server, browsers displayed “Ramen creW looooooooooves noodles” instead of the groups’ usual pages.

Melody, a McCormick senior, said the perpetrators penetrated the server’s security by pinpointing a software program that had accidentally turned on during the server’s upgrade and was vulnerable to the worm.

When he was notified of the problem around midnight, Melody immediately tried to stop the worm from causing additional damage to the site.

“I was able to stop the worm from replicating pretty quickly and I attempted to recover any HTML index files that I could,” Melody said. The index files house each student group’s home page.

Melody has continued upgrading the server and attempting to control the damage caused by the hackers’ handiwork.

He said he fixed the problem early Tuesday morning.

“My response has been to try and fix the problem to limit the time the Web pages are down,” Melody said. “The original plan was to have everything back online by Monday morning, but because of this incident it did complicate the upgrading process.”

ASG Executive Vice President Jordan Heinz sent an e-mail to student group leaders on Monday instructing them to upload their files to the ASG server so their pages could be displayed.

About 40 student groups’ pages were displayed as of Tuesday night.

Information Technology administrators said the “Ramen worm” is increasing in popularity.

“This Ramen worm is a relatively new worm that seems to be spreading pretty rapidly,” said Roger Safian, information security coordinator for NUIT. “This is the first one I am aware of at Northwestern.”

Melody said the individuals who planted the Ramen worm should not be called hackers, but rather “script kiddies,” a term applied to those who insert worms into computer networks.

“They tend to be younger kids in high school who don’t possess a lot of technical skills,” Melody said. “They have found a way to launch an attack like this and do it to try and impress people.”

Melody said he “sincerely doubts” NU students were responsible for the incident.

“I would hope that Northwestern students have better things to do with their time,” Melody said.

Student group Webmasters said they are working to display their pages again.

“It’s not a very good thing, but things like this happen,” said John Franck, Webmaster for Dance Marathon. “We are supposed to be portraying an image of professionalism, and this isn’t the image we want to portray.”

Student groups will continue to upload their pages to the server throughout the week.