I'm looking forward to an organisation admitting it was a "simple cyber attack"
A 28-year-old has been arrested after allegedly carrying out what police have labelled a "sophisticated cyber attack" on a school. The unnamed man is suspected of disrupting Welland Park Academy in Market Harborough, Leicestershire, England. A police spokesman told a local news website: "Officers received a report of a major …
Also, do they want to tell us what was done and why? So far, all I know is that hard drives got wiped. I'm guessing that was to destroy the evidence from something else, but I don't know. Do they not know either? Or do they have an idea what happened? Or did this guy just like erasing drives and ran out of machines so stopped by? For now, I see little sophistication in the attack or the reporting.
I'd go so far as to say I'd have a heart-attack if an organisation admitted it was a "simple cyber attack caused by bad management decisions, including not spending enough money on security and making the technical staff redundant so we could get a bigger bonus".
Based on that criteria, I don't think I will be suffering from a heart-attack any time soon....
"Yeah, it was dead simple." The perp told the reporter. "I walked into the IT guy's office, typed 'Passw0rd' into the login screen, dumped the database onto a USB pen and walked out. Made a mint on the dark web."
The institution concerned said it was investigating the sophisticated cyber attack and couldn't comment further at this time.
"“rm -Recurse -Force \” will work"
Not that I plan to try it, but will it actually work, or is your system going to crash before the command finishes running, or just after?
Oh... On my Mac the backslash is to continue the command on the next line. So nothing happens (yet). If you press return again it will remove your current directory and all subdirectories (not going to try this), which is usually your user directory. So your system is fine, but your user directory gets wiped.
I had five 17 year old apprentices when I was 21. It seemed normal at the time and I did my best for them even as 'Silicon Glen' began collapsing about our ears. They were definitely smart enough to cause major mischief if they hadn't been employed and trained and motivated.
In my era - Thatcher's era - apprenticeships were a real thing, not a job creation scheme. It utterly scunners me that they've become a new YTS.
And I used to be a citizen
I never felt the pressure
I knew nothing of the horses
Nothing of the thresher
"probably wasn't sophisticated at all, the school just had no security and nobody had any clue what they were doing."
My experience is that there's a strong tendency for "IT teachers" to stick their fingers in their ears and scream loudly when someone actually tries to teach THEM.
(Not to say that they weren't good once and that brilliant ones don't exist, but many I encounter belong on a dole queue as not only are they thick as pigshit, they put kids OFF learning)
I'm curious to understand his motivation here?
I mean what did he achieve here?
If this was some kind of state-sponsored attack - I'd understand the logic there
If this was an active student playing games - I'd understand this logic too (I remember being called into the classroom alone at college to be greeted by the IT guys.. with the simple question "OK - We know it was you. Now tell us how you did it. How did you get into the admin account?")
Angry teacher/tech who got fired unfairly? Yeah I can see that.
If he placed ransomware on the systems to try to get some monero/bitcoin? Yeah I'd get that too, granted I'd feel it's not a very effective method but still.
But just randomly wiping HDDs on any computer connected to the network? I mean it may be fun at first, but it doesn't actually achieve anything other than potentially causing students to lose school work (as if they didn't lose enough last year already)
I mean, since he's not a student (or no longer) of the school, I can't see any true motivation he might have for attacking this school's systems since he doesn't actually achieve or gain anything from it. It just seems like a stupid thing to do.
Maybe I'm just getting old since I'm turning 30 this year..
A disgruntled former student? Maybe some link to somebody at the school who said something and this plonker thought he would do something to make a point.
Just wiping random hard drives appears a little odd and it would be counter-productive to use this as a way of hiding what was stolen. One assumes the school will have a reasonable idea of what was on them and if it is a support system there should be some form of backup. They clearly know what has been affected because the drives had been wiped.
If he was stealing data then just taking it and not wiping the drives would be the intelligent option. This feels like it is just malicious damage & inconvenience rather than data theft or extortion.
I work in school IT - when I first took on the role (it had been previously done by a part time volunteer) there was no password on the school network. Staff complained that files were going missing (this was the first hour I was there) and I found that all pupils had access to every part of the network, from reception ages (that's 4-5 years old) upwards. Things have improved somewhat!
School IT, in every facet, in my experience, is absolutely terrifying. Last example was a teacher sending my kid's class contact email address (good) but thought it necessary to include her imap/smtp/user/password details too (bad).
Lots of parents then went and followed the instruction (aimed at teachers) and proceeded to use Tenscope system as a sort of scary dead-drop email system. I don't think that any of them thought to trawl through other people's messages and sent/deleted folders, or start sending emails as the school, but I could quite easily be reading about this in the national papers.
"I'm curious to understand his motivation here."
Because he can. When I was at school decades ago, there was one chap who made it his mission to destroy the computer facilities.
No, I can't understand it either. My opinion was: why on earth would I do something to destroy my access to the very things I was going to every effort to have access to? "I love experimenting with computers, I know, I'll go to every effort to have my access to experimenting with computers stripped away from me."
Considering possible motives: Pay, lack of promotion prospects, unfair treatment by manglement, or a protest over inadequate IT provisions for backup or security. Given the apparent "unsophistication" of the "attack" I suspect the latter is a very likely line.
There is also one other rather obvious motive, some people just like to watch the world burn.
Now, on most of the former motives I am "understanding" but not supporting of the line taken. If you have got the skills, move job. Vote with your feet! And that said, given the utter crudeness of the method employed, I suspect it might be a case of someone way out of their depth.
If it's a budget / IT system constraint Demo; well, I'm all too familiar with that. There are reasons I keep some of my most important work backed up in multiple locations.
Off the top of my head I can think of much less likely detectable methods to achieve what the accused has tried here.
Reminds me of my HNC Computer Studies Year 5 course work back in the early 80's. We had to write some code to do some simple I/O on the college's BBC Model B's, all the work was stored on the shared drive, and a new lecturer managed to wipe the whole drive a few weeks before grading. The entire year group were awarded "merits" for it, except me. Being a smug git, I was working in 6809-based hardware and had my own Dev kit, so produced hardware, working code, and write-up to head of electronics and bagged a distinction.
Wayward lecturer got away with a slap on the wrist. I remembered him as a maths teacher at my previous upper school, he got the sack from there for being useless.