BreachExchange mailing list archives
Sophisticated hacking system may be behind hoax threats received by Australian schools
From: Inga Goddijn <inga () riskbasedsecurity com>
Date: Wed, 3 Feb 2016 13:35:27 -0600
http://www.theguardian.com/australia-news/2016/feb/03/sophisticated-hacking-system-behind-hoax-threats-received-by-australian-schools Authorities believe a sophisticated and automated hacking system is behind a series of threatening hoax phone calls that have disrupted the start of the year for students at more than 30 schools throughout Australia, as well as students from hundreds of schools throughout France, Italy, the Netherlands, Japan, and the UK <http://www.independent.co.uk/news/uk/home-news/school-bomb-threats-glasgow-high-school-searched-by-police-after-threat-a6846191.html> . The calls began on 29 January and were ignored by parts of the Australian media, with police in New South Wales urging reporters not to give attention to the hoaxers who threatened school shootings and bombs. However schools have been seriously disrupted and staff, parents and children inconvenienced as the calls have continued into February. On Tuesday, 17 schools were evacuated in Victoria, nine in Queensland, five in the Australian Capital Territory and an undisclosed number in New South Wales. By Wednesday morning, eight more calls had been made to Queensland schools, as well as to schools in Victoria and on the NSW central coast. The chief commissioner of Victoria police, Graham Ashton, told reporters that the threats were a “hoax scenario” but that schools needed to be evacuated every time because “it may be that a particular call that might come in that is not a hoax”. Ashton told reporters that he did not believe the calls would provoke copycats, because the automated hacking process required to make the calls en masse appeared to be quite sophisticated. However, it appears there may be more than one group behind the calls. A group of hackers calling itself “Evacuation Squad” has claimed responsibility for the calls affecting Europe, the US <http://nymag.com/following/2016/02/evacuation-squad-shuts-down-schools-for-fun.html?mid=twitter_nymag#>, Japan and South Africa, a representative of the group, who goes by the name Viktor Olyavich, said Evacuation Squad were not behind the Australian calls. Twitter has suspended the accounts of two Evacuation Squad members who claimed responsibility for the calls. Victoria’s education minister, James Merlino, told ABC radio on Wednesday morning that local police were working with Australian Federal Police and police internationally to find the hoaxers. “This isn’t an easy area of law enforcement,” Merlino said. “The [dark web] is quite sophisticated, it’s quite difficult to track down perpetrators.” He confirmed that Nossal high school, a selective state school located within the Berwick campus of Monash University, was working with police to establish whether its telecommunications system had been hacked and used to make some of the calls. “It may be that the hacking and the telecommunications are bouncing around the world and landing in this school,” Merlino said. To date, the calls appear to be no more than an elaborate hoax. But they have disrupted students, many in kindy or preschool and attending school for the first time. In the case of a shooting threat, schools are placed into lockdown, while for bomb threats, children are evacuated to a nearby meeting point, often a school oval, and are forced to wait until the school is declared safe by police. A Queensland police media spokesman said during evacuations on Tuesday, when temperatures reached 40 degrees, a student was taken to hospital suffering from heat exhaustion during an evacuation. A Queensland ambulance service spokeswoman said paramedics were called out to a school at 11.25am and treated 13 students aged between 12 and 14. Five were taken to hospital, she said, three suffering from heat exhaustion and two suffering from undisclosed medical conditions. However, state and territory police have said at this stage, there was no cause for alarm. “We can confirm that the schools have been searched and nothing suspicious has been identified,” ACT police media said in a statement. “We are aware that schools in a number of other states have recently received similar calls. Police are warning that it is an offence to make such threats and every effort will be made to identify those responsible. The offence carries heavy penalties.” NSW police statement said: “There is no evidence these are anything other than hoaxes designed to causing unnecessary disruption and inconvenience”. “The threats appear to come from overseas with no credible evidence they could be carried out here,” the statement said. “Police investigations are continuing into the hoax calls and their source.” There is no suggestion the calls are linked to terrorism. Professor Sanjay Jha, the director of cybersecurity and privacy at the University of NSW, said that the perpetrators could prove difficult for police to track down. There were numerous commercial internet servers available to businesses wanting to make automated calls, he said, for example banks wanting to alert customers when suspicious activity was registered on an account, or telemarketing companies wanting to sell people products or services. “What happens with these servers is you have to create an account and the account establishment might not be a very stringent process when it comes to having to prove your identity,” Jha said. “It means if people are malicious and have created an account with a false identity and they’re outside Australian jurisdictions, it can be difficult to trace where they are or the people behind it. These servers are typically not in a locations where Australian authorities can easily access them.”
_______________________________________________ Dataloss Mailing List (dataloss () datalossdb org) Archived at http://seclists.org/dataloss/ Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss For inquiries regarding use or licensing of data, e-mail sales () riskbasedsecurity com Supporters: Risk Based Security (http://www.riskbasedsecurity.com/) Need access to data breach details or alerts when new breaches happen? Risk Based Security's Cyber Risk Analytics portal, fueled by the RBS breach research team, provides detailed information on how data breaches occur and which vendors to trust. Contact us today for a demo.
Current thread:
- Sophisticated hacking system may be behind hoax threats received by Australian schools Inga Goddijn (Feb 04)