A school in Cloverdale, Calif., is being criticized for its decision to shut down student access to the internet after two local teens were accused of hacking Pentagon computers. Some charge the school overreacted in issuing the internet ban, but school officials disagree.

The two students, sophomores at Cloverdale High School, have not been charged with any crimes, and investigators are certain the school’s computer network was not used during any of the attacks. But the fear of sabotage or retaliation compelled school officials to close down access to the internet for all students at the school on March 5.

An Israeli man suspected of orchestrating the hacks said he was in constant contact with the Cloverdale youths. Israeli Prime Minister Benjamin Netanyahu describef 18- year-old Ehud TenebaumÐ who is known as “The Analyzer’ because of his ability to analyze security weaknesses in computer systemsÐ as “damn good’ but also “very dangerous.’

Tenebaum is under house arrest in a suburb of Tel Aviv.

Some 800 government, military, and university networks were “cracked” between February 14 and 25. Hit during the attacks were Army, Air Force and Navy sites, the Massachusetts Institute of Technology, NASA, and the Lawrence Livermore National Laboratory.

Government technicians were able to trace the attacks back to two internet service providers (ISPs) in Santa Rosa, Calif. The owners of the ISPs, Bill Zane of NetDex and Dane Jasper of Sonic, then tracked the infiltrations backwards to the homes of the two boys.

On Feb. 25, only days after the attack on Pentagon systems, the FBI raided the houses of the teen-agers, seizing computers, printers, and CDs. Neither student has yet been arrested.

Both, however, were told to stay off school computers while the feds continue to investigate their role in the hack, called “the most systematic, methodical, and concerted effort to attack government and military computers ever seen.”

Although the FBI had not contacted the school, John Hudspeth, the boys’ computer science teacher, disabled the hackers’ network accounts and froze their personal directories.

But the next day Wired magazine reported Cloverdale High sophomore Aaron Crayford, one of the alleged hackers, still had internet access at school. Crayford reportedly sent an eMail to John Vranesevich, the 19-year-old founder of the hacker-friendly computer security group AntiOnline.

School officials have been quoted saying they did not know if the published report was true, but decided to temporarily shut down the school’s access to the internet anyway.

“We had tried to limit the privileges of only the two hacking students, to allow the rest of the student body and faculty to enjoy continued online services,” said Bill Cox, president of the board of education. “But either other students were helping our hackers outÐthrough friendship or because they saw hacking as ‘cool’Ðor our hackers had captured other account passwords and were using those accounts in direct violation of our Acceptable Use Contract that all network users sign.”

Threats of further retaliation in the Wired article coupled with attacks on one of the ISPs were enough to convinced Cox that strong action was necessary. “Do we just wait around for our high school server to be trashed?” he said.

Cox might have good reason to be concerned about the school’s network. One of the systems allegedly hacked by the teens was a Michigan K-12 school district, administered by Leonard Peirce. Peirce, a Unix systems manager at the Western Michigan University, spent an entire day reinstalling the operating system at the school and reassigning pass codes to more than 4,000 school staff and administrative network users.

Pretty clueless

“Anybody that’s connected to the network needs to be concerned about security,” Peirce said. Schools might be particularly vulnerable because, Peirce says, hackers regard K-12 network administrators as “pretty clueless.”

School officials said the temporary suspension was needed to allow them to regroup and learn more about security. Cox also felt that the student body needed to think about the hacking issues in a more reasoned light.

“We were also bothered by an oft-heard student comment that this hacking episode was ‘cool,'” Cox said. “This district holds that hacking is both illegal and unethical. So we decided to engage the whole school in a discussion on the reasons for temporarily downing the net connection and the ethics of hacking.”

A memo that circulated throughout the school read, in part:

“We now see that it is necessary to pause, stand back and review the current status of our electronic environment. Recent hacking episodes have alerted us to issues of security and access that we had not anticipated when we designed our network. Once we work these out, we’ll return with the services that we can securely manage. We can’t say when, we hope it will be soon.”

Joe Simao, president of the student body, said he was disturbed by the decision.

“I think it’s an outrage that these resources are being wasted after being bought and paid for, just because of media hype that may not be true,” Simao said.

The decision to shut down all internet access at the school drew comment from the American Civil Liberties Union as well. “It seemed as if the school might have panicked,” said Ann Brick, staff attorney with the ACLU of Northern California. Brick said she was surprised when she first heard about the school’s action.

“If you had a couple kids who took the tools from their home workshop and used them to commit a burglary, [you] wouldn’t expect the school to shut down its shop class because other kids might use those tools,” Brick said.

Barry Steinhardt, executive director of the Electronic Frontier Forum, pointed out that the allegations against the students have yet to be proven. “It would be particularly disappointing for schools to deny its students internet accessÐwhich is really necessary for their preparation for the worldÐmerely because their fellow students are accused of misconduct off-campus,” Steinhardt said. “There’s an atmosphere out there of ‘blame the internet’ and a fear of the internet which is causing . . . schools to overreact.”

Even Cox admits the policy is unfair. “Is it fair to deny service to 400 kids for the actions of a few students? Clearly not. But right now, we have no selective solution in hand to apply.”

Others think the school was right to suspend access. Nick Tipon, a curriculum resource assistant in technology in neighboring Santa Rosa City School District, said the internet ban is “probably something that I would have done” too. “I’d also want to assess the whole situation.”

Another defender of the school’s action is Bill Zane, owner of the Santa Rosa-based ISP NetDex. NetDex was one of the ISPs that discovered the hackersÐand was subsequently hacked by “Analyzer.”

“To use the information superhighway as a metaphor, you don’t put a kid in the car and turn him out on the highway,” said Zane. Teen-agers’ online activities, Zane said, should be very closely supervised. “It’s one thing when it is a freestanding computer in a corner; it is another thing with computers on the internet.”

Power and prestige

Since Zane spoke to reporters at the San Francisco Examiner NetDex was subject to attack by “Analyzer.” As of March 10, the only information that could be found on the NetDex web site was a letter reassuring subscribers of the safety of their information, and a list of prices. An eMail query to the ISP was returned with the heading “Nobody listening,” and company phones were off the hook.

Cox told eSchool News the duration of the ban was “unknown at this point. When we can securely manage our environment, we’ll resume.”

Cloverdale High’s computer program has been praised for its advanced equipment and training. Currently in the third year of a four-year $256,000 technology plan, the school has spent $192,000 to give its students internet access and other computer experiences. Cloverdale is a high-tech community of 5,500 north of San Francisco.

The motivations of the youthful alleged hackers are unknown. The FBI continues its investigation but refuses to comment.

AntiOnline’s “Pentagon Hacker” Section
http://www.antionline.com/PentagonHacker/

Full Coverage from Yahoo! http://headlines.yahoo.com/Full_Coverage/Tech/Pentagon_Computers_Hacked/

Sonic
http://www.sonic.net

The Pentagon
http://www.defenselink.mil/pubs/pentagon/

Hacked NetDex Page
http://www.antionline.com/archives/pages/netdex