|
|
|
|
|
|
by edtechstrats
2780 days ago
|
|
|
They boys are clearly tech-savvy to a degree (they build their own PCs, mined crypto, understood Windows user permissions, etc.), but I seriously doubt that they would or could have broken into the district's systems without two things: 1/ an admin password left on a sticky note and 2/ clear text storage of other user passwords in an excel file published in a shared folder on the first machine they accessed (a public machine in the middle school library!). Other issues: old user accounts left still active; no review of access logs or logs of server usage (which would have spotted Monero mining). Note: the boys reported that passwords on sticky notes was routine throughout the district (and how they got access to the security cameras, too). |
|
|