back to article Man arrested after UK school finds wiped hard drives on devices connected to network

A 28-year-old has been arrested after allegedly carrying out what police have labelled a "sophisticated cyber attack" on a school. The unnamed man is suspected of disrupting Welland Park Academy in Market Harborough, Leicestershire, England. A police spokesman told a local news website: "Officers received a report of a major …

  1. Korev Silver badge
    Terminator

    A 28-year-old has been arrested after allegedly carrying out what police have labelled a "sophisticated cyber attack" on a school.

    I'm looking forward to an organisation admitting it was a "simple cyber attack"

    1. doublelayer Silver badge

      Also, do they want to tell us what was done and why? So far, all I know is that hard drives got wiped. I'm guessing that was to destroy the evidence from something else, but I don't know. Do they not know either? Or do they have an idea what happened? Or did this guy just like erasing drives and ran out of machines so stopped by? for now, I see little sophistication in the attack or the reporting.

      1. Alan Brown Silver badge

        "Or did this guy just like erasing drives and ran out of machines so stopped by? "

        The digital equivalent of smashing windows and running away is widespread

    2. Anonymous Coward
      Anonymous Coward

      I'd go so far as to say I'd have a heart-attack if an organisation admitted it was a "simple cyber attack caused by bad management decisions, including not spending enough money on security and making the technical staff redundant so we could get a bigger bonus".

      Based on that criteria, I don't think I will be suffering from a heart-attack any time soon....

    3. GrumpenKraut Silver badge
      Pint

      Came for that exact comment. Satisfied.

    4. My-Handle Silver badge

      "Yeah, it was dead simple." The perp told the reporter. "I walked into the IT guy's office, typed 'Passw0rd' into the login screen, dumped the database onto a USB pen and walked out. Made a mint on the dark web."

      The institution concerned said it was investigating the sophisticated cyber attack and couldn't comment further at this time.

    5. katrinab Silver badge
      Boffin

      rm -Rf / is an extremely sophisticated cyber attack.

      1. TheMeerkat Bronze badge

        When typing on a command line is involved, it looks like magic for the majority of the population.

        1. seven of five Silver badge

          Yeah, but it is white magic (in a sea of black). Possibly green magic, or amber, if you are really old.

      2. EnviableOne Silver badge
        Boffin

        most schools have Windows Boxen, unless they have been benificiaries of the iThing emporium's Education program,

        you'll probably need a few more lines and something like fdisk or diskpart

      3. John Brown (no body) Silver badge

        In a school? That'd most likely result in "Command not found" or whatever Windows says these days.

        1. katrinab Silver badge
          Windows

          You will get:

          Remove-Item : A parameter cannot be found that matches parameter name 'Rf'.

          “rm -Recurse -Force \” will work

          1. gnasher729 Silver badge

            "“rm -Recurse -Force \” will work"

            Not that I plan to try it, but will it actually work, or is your system going to crash before the command finishes running, or just after?

            Oh... On my Mac the backslash is to continue the command on the next line. So nothing happens (yet). If you press return again it will remove your current directory and all subdirectories (not going to try this), which is usually your user directory. So your system is fine, but your user directory gets wiped.

            1. katrinab Silver badge
              Paris Hilton

              I tried it on a virtual machine, after taking a snapshot

              "rm : Cannot remove the item at 'C:\' because it is in use."

              System still seems to work, but I will restore the snapshot anyway.

    6. Bill Michaelson

      Careful with that PR axe...

      It should always be called sophisticated - out of an abundance of caution - because the safety and security of our users is our highest priority. Think of the children.

  2. Danny 2 Silver badge

    aged 21

    I had five 17 year old apprentices when I was 21. It seemed normal at the time and I did my best for them even as 'Silicon Glen' began collapsing about our ears. They were definitely smart enough to cause major mischief if they hadn't been employed and trained and motivated.

    In my era - Thatcher's era - apprenticeships were a real thing, not a job creation scheme. It utterly scunners me that they've become a new YTS.

    And I used to be a citizen

    I never felt the pressure

    I knew nothing of the horses

    Nothing of the thresher

  3. reGOTCHA

    sophisticated and certainly state sponsored

    By the either Russian or Chinese 28-year-old elite hacker... as always.

    1. BillGatesOfHell
      Facepalm

      Re: sophisticated and certainly state sponsored

      .....or the unwitting owner of an infected device now sobbing in a cell while the forensics pore over his dubious intenet history.

      1. Chris G Silver badge

        Re: sophisticated and certainly state sponsored

        Can we expect to see the 28 year old's story in the Who Me column at some time in the future?

  4. chivo243 Silver badge
    Childcatcher

    He was thinking of the Children!

    Wiping that Russian nasty off the computers, he should be given several medals, and a National holiday named after him! And possible a desert and a cocktail...

  5. Anonymous Coward
    Anonymous Coward

    probably wasn't sophisticated at all, the school just had no security and nobody had any clue what they were doing.

    All my kids have had to show the teachers how to use the computers, even my most computer illiterate child knew more than the teachers when he was 8.

    1. Alan Brown Silver badge

      "probably wasn't sophisticated at all, the school just had no security and nobody had any clue what they were doing."

      My experience is that there's a strong tendency for "IT teachers" to stick their fingers n their ears and scream loloudly when somoene actually tries to tech THEM

      (Not to say that they weren't good once and that brilliant ones don't exist, but many I encounter belong on a dole queue as not only are they thick as pigshit, they put kids OFF learning)

      1. Anonymous Coward
        Anonymous Coward

        IT teachers don't normally run the school infrastructure though.

  6. JakeMS
    WTF?

    But Why?

    I'm curious to understand his motivation here?

    I mean what did he achieve here?

    If this was some kind of state-sponsered attack - I'd understand the logic there

    If this was an active student playing games - I'd understand this logic too (I remember being called into the classroom alone at college to be greeted by the IT guys.. with the simple question "OK - We know it was you. Now tell us how you did it. How did you get into the admin account?"

    Angry teacher/tech who got fired unfairly? Yeah I can see that.

    If he placed ransomware on the systems to try to get some monero/bitcoin? Yeah I'd get that too, granted I'd feel it's not a very effective method but still.

    But just randomly wiping HDDs on any computer connected to the network? I mean it may be fun at first, but it doesn't actually achieve anything other than potentially causing students to lose school work (as if they didn't lose enough last year already)

    I mean, since his not a student (or no longer) of the school, I can't see any true motivation he might have for attacking this schools systems since he doesn't actually achieve or gain anything from it. It just seems like a stupid thing to do.

    Maybe I'm just getting old since I'm turning 30 this year..

    1. hoola Silver badge

      Re: But Why?

      A disgruntled former student? Maybe some link to somebody at the school who said something and this plonker thought he would do something to make a point.

      Just wiping random hard drivers appears a little odd and it would counter-productive to use this as a way of hiding what was stolen. One assumes the school will have a reasonable idea of what was on them and if it is a support system there should be some form of backup. They clearly know what has been affected because the drives had been wiped.

      If he was stealing data then just taking it and not wiping the drives would be the intelligent option. This feels like it is just malicious damage & inconvenience rather than data theft or extortion.

    2. Mooseman Silver badge

      Re: But Why?

      I work in school IT - when I first took on the role (it had been previously done by a part time volunteer) there was no password on the school network. Staff complained that files were going missing (this was the first hour I was there) and I found that all pupils had access to every part of the network, from reception ages (that's 4-5 years old) upwards. Things have improved somewhat!

      1. Anonymous Coward
        Anonymous Coward

        Re: But Why?

        School IT, in every facet, in my experience, is absolutely terrifying. Last example was a teacher sending my kid's class contact email address (good) but thought it necessary to include her imap/smtp/user/password details too (bad).

        Lots of parents then went and followed the instruction (aimed at teachers) and proceeded to use Tenscope system as a sort of scary dead-drop email system. I don't think that any of them thought to trawl through other people's messages and sent/deleted folders, or start sending emails as the school, but I could quite easily be reading about this in the national papers.

        Ugh.

    3. J.G.Harston Silver badge

      Re: But Why?

      "I'm curious to understand his motivation here."

      Because he can. When I was at school decades ago, there was one chap who made it his mission to destroy the computer facilities.

      No, I can't understand it either. My opinion was: why on earth would I do something to destroy my access to the very things I was going to every effort to have access to? "I love experimenting with computers, I know, I'll go to every effort to have my access to experimenting with computers stripped away from me."

    4. Ashto5

      Re: But Why?

      You don’t need to understand this guy

      He is a fool and you just don’t want to waste time on him

      Now point the spotlight on HOW he did it and WHY was there no one to stop him and then sack THAT monkey

      1. yetanotheraoc

        Re: But Why?

        Maybe it's monkeys all the way up.

        1. Val Halla

          Re: But Why?

          Speaking of the three wise monkeys I've always found the following applies where security is involved.

          Hear no evil - Directors don't want to know,

          See no evil - Management look the other way,

          Do no evil - Employees just shouldn't do it, or get caught.

    5. Binraider Bronze badge

      Re: But Why?

      Considering possible motives: Pay, lack of promotion prospects, unfair treatment by manglement, or a protest over inadequate IT provisions for backup or security. Given the apparently "unsophistication" of the "attack" I suspect the latter is a very likely line.

      There is also one other rather obvious motive, some people just like to watch the world burn.

      Now, on most of the former motives I am "understanding" but not supporting of the line taken. If you have got the skills, move job. Vote with your feet! And that said, given the utter crudeness of the method employed, I suspect it might be a case of someone way out of their depth.

      If it's a budget / IT system constraint Demo; well, I'm all too familiar with that. There are reasons I keep some of my most important work backed up in multiple locations.

      Off the top of my head I can think of much less likely detectable methods to achieve what the accused has tried here.

  7. arachnoid2 Bronze badge

    I mean what did he achieve here?

    Maybe when at skool he hated Maffs lessons.

  8. Anonymous Coward
    Anonymous Coward

    Back in my day

    They just used to nick the balls out of the mice

    1. Gaius

      Re: Back in my day

      > They just used to nick the balls out of the mice

      I remember, then you would need to boil an egg to get a new one. Good times.

  9. Hubert Thrunge Jr.
    Facepalm

    Memories...

    Reminds me of my HNC Computer Studies Year 5 course work back in the early 80's, We had to write some code to do some simple I/O on the college's BBC Model B's, all the work was stored on the shared drive, and a new lecturer managed to wipe the whole drive a few weeks before grading. The entire year group were awarded "merits" for it, except me. Being a smug git, I was working in 6809 based hardware and had my own Dev kit, so produced hardware, working code, and write-up to head of electronics and bagged a distinction.

    Wayward lecturer got away with a slap on the wrist. I remembered him as a maths teacher at my previous upper school, he got the sack from there for being useless.

  10. sniperpaddy

    Hunter Biden

    Whew ! Hunter Biden safe at last. :)

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021