Rayyan Khan and her team had been creating a social media site for their computer science class since the beginning of the semester, but a week before the due date, the project was hacked and stolen.
“Our entire database was missing,” Khan said. “The only thing that was left was a ransom note.”
The junior in the Colleges of Science and Liberal Arts said that by that point, her team had a mostly functional website with a couple small bugs.
“We were trying to start up the website, and it wouldn’t even launch,” Khan said. “It was like an entire component of our project was missing.”
Her team members traced back the issue to the website’s backend database but found that the entire database they had spent hours working on was gone, and there was a note.
“Hey! We got access to your infrastructure and database,” the note reads. “In order to return everything to working condition, write to [email protected] and we will help you. Otherwise, your database will be put up for sale on the dark web in 7 days.”
Khan said that she recognized the “.ru” as a Russian email address. Her teammates looked up rambler.ru, which traced back to a Russian news site.
Khan said she and her team decided to ignore the hacker and rebuild the database from the ground up. The team contacted their professor and teaching assistant and explained the situation, but the professor said he couldn’t give them a large extension because of the strict timeline of the class.
“Two people worked on the database overnight and got it to run,” Khan said. “There were some glitches here and there that we sorted out over the next week.”
Khan said the event was stressful for her and her team. After her team got the project up and running and things calmed down, she decided to post about the situation on TikTok.
“In hindsight, this is funny,” she said. “I would laugh if someone else told me that had happened to them.”
Her post went viral and received almost 200,000 views in less than a month.
She said she received numerous supportive comments from the computer science community on TikTok and advice on how the team could improve the protections on their website.
“We did learn from it,” Khan said. “We implemented a lot of better security practices with our new database.
“It was a good learning experience.”
Khan said her favorite comment on her viral TikTok said, “The fact that this is a possibility in our line of work is wild to think about. Good luck on your project.”
“I just thought it was nice,” Khan said.
Khan said she found out from members of the TikTok CS community that it was quite common for unprotected websites to be hacked, and that there has been a recent increase in the number of cyberattacks because of the conflict in Ukraine and the Russian economy starting to fall.
One of the people who watched Khan’s TikTok contacted the hacker through the email they provided in the ransom note. The viewer discovered that the hacker wanted $50 in bitcoin, and they turned to hacking websites since the value of the Russian ruble went down.
ITaP sent out an email to Purdue students on March 24 warning about an increase in spear phishing activities and referred students to resources protecting against cyberattacks.
Spear phishing is the fraudulent practice of sending emails ostensibly from a known or trusted sender in order to induce targeted individuals to reveal confidential information,” the email read.
Cybersecurity professor Santiago Torres Arias described the current state of cybersecurity as “grim.”
“We’re running code in our pacemakers, we are running code in our cars, there’s code in the power grid and all of these are subject to hacks,” Torres Arias said.
“Most of the problems with cybersecurity right now are not exclusively about coming up with better digital protection systems,” Torres Arias said.
Torres Arias said the problem did not stem from a need for better technology but from people abusing existing technology.
“We’re seeing a lot more hackers who are selective and trying to play the ransomware game to try and get money.”
Torres Arias said that his role as a professor and Purdue’s role as a higher education institution is to improve education surrounding cybersecurity.
“I believe we (cybersecurity professors) are failing a lot of our students and not making them understand how critical cybersecurity is.”