A 17-year old boy from Idaho has been accused of paying a hacker to launch DDoS attacks against his school district.
The teen reportedly hired a third party to organise a week’s worth of distributed denial-of-service campaigns this month against the West Ada school district – the largest educational district in the state. The cyberattacks affected networks at all 52 schools including payroll, online textbooks, virtual teaching and standardised testing.
DDoS attacks coordinate computers around the world to overwhelm a server and cripple its processing ability. The ‘service’ is readily available for hire online for a surprisingly low cost – a brief browse discovered a bargain deal at $260/week.
The district’s IT staff managed to trace the IP address to a 17-year-old at Eagle High School. Another student at middle school level is also allegedly under investigation for a similar attack shortly afterward.
At the time of the hacking many students were undertaking Idaho Standard Achievement Testing online. The DDoS attacks caused the school systems to lose the test and results data and students were required to re-sit their exams multiple times.
According to a report by KTVB-TV News, the teen has been arrested and may face State and Federal computer crime felony charges. If the unnamed student is found guilty he is likely to have to serve up to 180 days in juvenile prison. The suspect has also been suspended from Eagle High and risks potential expulsion.
The minor’s parents are being held financially responsible for the damage caused by the attacks.
This is not the first time a teen has attempted to bring down their school system. In April this year, a 14-year-old in Florida managed to sidestep his middle school’s IT security using just his computer skills to access to the main server and locate files containing data from FCAT, Florida’s standardised comprehensive assessments.
Isle of Man taxpayers’ email addresses accidentally leaked
Hacked Adult FriendFinder database reveals extramarital affairs of millions
More than a million CareFirst customer accounts exposed in security breach