http://www.sun-sentinel.com/news/local/palmbe
ach/sfl-pgrades27mar27,0,2175689.story?coll=sfla-news-pa
lm
By Marc Freeman
South Florida Sun-Sentinel Education Writer
March 27 2006
Despite numerous measures to protect its computer network
and prevent
hacking, Palm Beach County schools appear to be a victim
again.
A recent breach under police investigation -- possible grade
changing
by several students -- adds to a growing number of attacks
on
seemingly defenseless schools and colleges across Florida
and the
country.
The sobering reaction among national experts and educators:
Students
and employees who want to cheat or attack computer networks
are likely
to be successful, regardless of high-tech security features
and
repeated warnings to abide by the rules.
"It's going to happen more," warns Greg
Lindner, director of
technology for the 60,000-student Elk Grove Unified School
District,
near Sacramento, Calif.
During the past two years, Elk Grove high school students
hacked into
computers in three incidents, stealing personal information
and
changing grades of three-dozen other students. The violators
used
illegal hacking software and keystroke-recording devices.
"It captures [user] log-ins, their passwords,
everything," Lindner
said, who hopes recent network enhancements are more
effective at
blocking would-be hackers.
Palm Beach County School District administrators declined to
discuss
details about their ongoing inquiry, but last week, in
response to a
request under the state open-records law, released
confidential
reports outlining their computer-security programs and
procedures.
"We don't go out and publicize what we do and what we
don't do for
obvious reasons," said Linda Mainord, district chief
technology
officer. "We are trying to use best practices as
associated with a
large computer installation."
In April, administrators produced a plan outlining
investigative and
other security procedures to use after an incident. The
blueprint
followed the case of a high school student from Palm Beach
Gardens who
hacked into the district's computer systems in December
2003 and
January 2004.
Besides the incident-response guide, the district's
Information
Technology department oversees 19 ongoing computer-security
projects,
aimed at preventing attacks, documents show.
In another proactive measure, the district requires all of
its
computer users to sign a form promising to avoid improper
activity. In
the schools, character-building lessons and behavior
programs are
aimed at preventing abuses, which helps curtail cheating and
possibly
computer hacking, district spokesman Nat Harrington said.
"Everybody knows what the expectations are," he
said. "Everybody knows
what the consequences are. That has cut down on a lot of
incidents."
The district's measures to prevent computer crimes appear
to follow
strict guidelines recommended by the International Society
for
Technology in Education, a Washington, D.C., nonprofit
organization
that advocates expanding technology in schools.
Leslie Conery, the group's deputy chief executive officer,
said school
systems must develop and promote policies regulating the
acceptable
use of computers. Second, the schools need to have an action
plan for
what steps to take after an incident, including how to
conduct
investigations and potential punishments for offenders.
In June, Palm Beach County prosecutors dismissed a
computer-offense
charge against Ryan Duncan, the former student from Palm
Beach Gardens
caught breaching the district's network. Officials said he
avoided the
prospect of jail time because he did not attempt to crash
the system
or change grades. As part of a plea deal, he agreed to
produce a video
touting the evils of hacking, pay $2,025 in restitution and
write an
apology letter.
While computer security is essential, it's also critical to
convince
cheaters they shouldn't cheat in the first place, said
Timothy Dodd,
executive director for The Center for Academic Integrity at
Duke
University in Durham, N.C.
"A kid with computer skills with a conscience is not
going to hack
into a transcript," said Dodd, whose organization
helps college and
secondary-school educators stop "academic
dishonesty."
Dodd blames society for leading some students to hack away
without
fearing the consequences. There are "a terrible set of
messages to
students to do whatever it takes to get ahead," he
said. "We want to
fashion the mission that behavior with honesty
matters."
Still, student computer hackers have been refining their
illicit
skills ever since the 1983 film War Games. The problem has
intensified
in recent years as teachers and administrators began using
online
software to enter student grades and test scores.
"It's a challenge we've dealt with forever,"
Palm Beach County Schools
Superintendent Art Johnson said.
Copyright © 2006, South Florida Sun-Sentinel
_________________________________
InfoSec News v2.0 - Coming Soon!
http://www.infosecnews.org
|