18 Alaskan Teens Use Phishing Scam To Hack School System

[Erica Absetz <erica () riskbasedsecurity com>]

http://www.redorbit.com/news/technology/1112837519/alaskan-teens-hack-into-school-system-050313/

At least 18 Alaskan students are accused of using a phishing scam to
gain control over the computers at their middle school. According to
the Anchorage Daily News, these students hacked into the school-owned
laptops after tricking a teacher into giving them an administrative
password. Once inside, the unnamed students accessed their classmate’s
laptops remotely using a feature built for teachers to monitor their
students.

The Ketchikan school has now seized each of the 300 laptops loaned to
students in order to identify any other students involved. Once the
investigation is complete, the school district will determine the
appropriate punishment for the adolescent cybercriminals.

In an interview with Ketchikan FM station KRBD, Casey Robinson,
principal at Schoenbar Middle School, explained how the students were
able to get administrator access and spy on their classmates.
According to Robinson, these students used a trick most often used by
the youngest of children: asking for a password to upgrade a piece of
software.

“Students were manipulating their machines, so the teachers thought
they were installing an upgrade of Java for example, and in the
background something else was running that the teacher was actually
logging into as well. And it only took one time,” explained Robinson.

Jurgen Johansen, the district’s technical supervisor, said the method
used by the students to hijack the system has been used for many
years. He also said he’s surprised this hasn’t happened sooner, but a
few rookie mistakes made by the students blew their cover pretty
quickly.

Once the students had access to the teacher’s account, they began
making new administrator accounts for one another. With these accounts
the students spied on each other and their peers. Some classmates
noticed their laptops were acting unusual, as if being controlled by
another person, and notified their teachers. Robinson said the
students first hacked into the system last Friday and students
reported the prank the next Monday.

“We’ve got some really good kids here,” said Robinson in an interview
with the Associated Press. “When they know something’s not right, they
let an adult know.”

The school has since retrieved each of the 300 laptops that were
available to students and have begun an investigation to determine
what else these students did while they had access to administrative
accounts. Robinson says that so far, they haven’t found any additional
hardware or software issues.

“I don’t think there was any personal information compromised. Now
that we have all the machines back in our control, nothing new can
happen.”

Johansen said his IT team will be putting in a lot of overtime to
complete their investigation and find each of the students involved in
this hack. Though he said he was surprised this kind of attack hasn’t
happened sooner, Johansen and the district are using this incident to
review their loaned computer policies. This means the agreement signed
by students and parents and the student code of conduct will likely
have to be amended to prevent this sort of attack from happening
twice.

“How we do business is definitely going to have to change when it
comes to updating programs and resources on the machines,” said
Robinson.

“Yes, something new is going to have to happen.”
_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://datalossdb.org/mailing_list

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
Risk Based Security equips organizations with security intelligence, risk
management services and on-demand security solutions to establish
customized risk-based programs to address information security and
compliance challenges.