Hacker Disables Computers in North York Area Schools

[William Knowles <wk () C4I ORG>]

http://web.lexis-nexis.com/more/cahners-chicago/11407/6460826/3

The Toronto Star
October 20, 2000, Friday, Edition 1

An act of computer sabotage has thrown 140 North York schools into
cyber-chaos all week, disabling terminals from classrooms to the head
office.

Emergency crews were slated to work all last night to restore service
to the remaining 62 schools still affected.

It has been one week since an unknown hacker erased files which give
everyone from students to superintendents access to many of the
Toronto District School Board's computers.

The attack - believed to be an inside job - took place overnight Oct.
12 and disabled four out of the five school board computer servers in
the former North York.

But while some schools had to send time cards to the board's payroll
office by fax instead of computer this week, paycheques next week
should not be delayed, said Brian Cain, the board's executive officer
of business services.

"Everyone should be paid on time because we were able to get the
payroll computers up and operating within two days after the system
went down," Cain said.

Teachers are paid once a month and were paid last week, whereas
non-teaching staff, such as caretakers and secretaries, are paid every
two weeks and should still be paid Thursday.

The breach of security may lead board staff to speed up the timetable
for converting the old computer systems of the former school boards
into one new system for the megaboard, Cain said.

"When we become very dependent on technology as a way of doing
business, it's very frustrating not having access to the system," he
said.

"We had planned to replace the old systems gradually over the year
2001, but obviously, if we have this sort of security weakness, we'll
be looking at the possibility of accelerating that conversion."

Cain, whose own computer was down for four days, said this is the
longest downtime experienced by the board from a hack attack.

The board has not asked police to investigate but has asked the
auditing firm KPMG to help trace the source of the sabotage and
suggest ways to tighten security.

"It would appear it was an intentional act by someone with knowledge
enough to delete certain essential system files, but our focus has
been to get the system up and running again, more than tracking down
the source of the problem," Cain said.


*==============================================================*
"Communications without intelligence is noise;  Intelligence
without communications is irrelevant." Gen Alfred. M. Gray, USMC
================================================================
C4I.org - Computer Security, & Intelligence - http://www.c4i.org
*==============================================================*

ISN is hosted by SecurityFocus.com
---
To unsubscribe email LISTSERV () SecurityFocus com with a message body of
"SIGNOFF ISN".