St. Petersburg College officials say the incident was a malicious attack involving a virus. The FBI and FDLE are investigating.
By ADRIENNE P. SAMUELS
Published February 11, 2004
Classes ended abruptly last Thursday night at St. Petersburg College after a computer virus infected the E-campus, causing the school's Internet infrastructure to overload and preventing students from finishing their online tests.
It was an unwelcome problem at a school that prides itself on having Florida's largest electronic campus, with 12,000 students taking classes and tests via the Internet.
SPC officials say the attack was malicious and planned by hackers who know the school is part of a well-known cyber security consortium. The FBI and Florida Department of Law Enforcement have been notified.
"We want these perpetrators to know that we will file charges," said Conferlete Carney, SPC's vice president of information systems, business services, planning and budgeting.
The "attack" started about 6 p.m. Thursday, said Carney, who thinks the cause was the Novarg, or Mydoom, virus. Mydoom, which sparked headlines in recent weeks by attacking Microsoft, infected 100 to 150 college computers through some of the hundreds of thousands of pieces of infected e-mail attachments received by SPC staffers in the past three weeks.
Any computer already infected with the virus - even those outside SPC - could have allowed the attack. After an infected e-mail attachment is opened, Mydoom leaves a "back door" - a kind of remote control access - for the hacker.
SPC got "doomed" when about 1,000 computers were instructed to access the school's server, Carney said. It caused a massive system overload deflected only when the illegitimate Web traffic was routed elsewhere.
School administrators could not say how many students were kicked off the site during the four-hour attack. Many were taking tests or completing online homework assignments at the time.
Speech professor Jan Ballantine now has to reschedule a class that was already planned as a makeup session.
"I log on at 6:30 p.m. and - guess what? - I can't get in," said Ballantine, who teaches four classes online. "I called the help desk, and they said, "We're sorry but it went out at 6.' At 11 o'clock, I still couldn't get on."
Ballantine's students, meanwhile, were frantically trying to log in to the college's private network.
SPC's server told them it was busy, or that service was denied.
"They left messages on my work machines, they e-mailed my work account, which I couldn't check until the next day," Ballantine said. "They all thought it was their fault."
SPC's infected computers were cleaned out, and faculty members were sent an e-mail Monday explaining what happened.
The school has spent $300,000 to upgrade Internet software and hardware in the past four years and plans to spend a half million more, Carney said. SPC, which also offers certificates in information technology, is equipped to handle such an attack because it is part of the International Information Systems Security Certifications Consortium. The school hosted a cyber security summit in January with the FBI.
Internet security specialist Winn Schwartau said the very nature of the college made it vulnerable to an attack.
"Education institutions are notoriously the least secure because education systems are meant to be an open exchange of knowledge, and, therefore, you don't have a lot of controls in place," he said.
In many instances, Schwartau said, it's the top executives who open infected e-mail attachments.
SPC said the school's operations are back to normal, or will be once the students get a chance to make up last week's classes.
"Last Thursday was very stressful for those students who were already stressed to give their speeches online," Ballantine said. "So this Thursday night, we're going to meet again - God and server willing."
