2020 Miami-Dade Public Schools DDoS attack

From Wikipedia, the free encyclopedia
Jump to navigation Jump to search

2020 Miami-Dade Public Schools DDoS attack
Lua error in Module:Infobox_mapframe at line 197: attempt to index field 'wikibase' (a nil value).
DateSeptember 3, 2020; 5 years ago (2020-09-03)
Time2:53 am EDT (06:53 UTC)
LocationMiami-Dade County, Florida, United States
TypeCyberattack
Cause
Outcome
Arrests01
File:Denial-of-service attack.gif
Authorities believe the Miami-Dade school district experienced a distributed denial-of-service (DDoS) attack (see illustration) designed to overwhelm the bandwidth of the targeted system. There are two types of DoS attacks: One is designed to crash services and the other is designed to flood services. The most serious attack is distributed.[1]

On September 3, 2020, at 2:53 am EDT, a 16-year-old male from South Miami, Florida was arrested in connection with distributed denial-of-service (DDoS) attacks on the Miami-Dade County Public Schools’s computer network, the fourth largest in the United States,[2] causing the system to crash during the first three days of the school year. It occurred as the school system was attempting to conduct internet-based instruction during the COVID-19 pandemic of 2020.

After monitoring the IP addresses using the network, investigators concluded the teenager and several foreign actors had hacked the system.[3] At the time, the school district had contracted Stride, Inc. (at the time known as K12 Inc.) to provide the software necessary for the internet-based instruction. Despite its price tag of $15.3 million, Stride was surprisingly susceptible to the attacks. Consequently, the school district sought the help of the FBI and the U.S. Secret Service to investigate.[4]

Method used in the attacks

[edit | edit source]

According to an affidavit, the suspect used Low Orbit Ion Cannon (LOIC) to launch the attacks. LOIC is an application that uses DDoS-style attacks to disrupt websites. However, investigators say the teen was not the only hacker involved. Numerous other IP addresses were associated with the attacks originating from Russia, Ukraine, China, Iraq, and other countries. Investigators said the suspect was responsible for eight of the at least 24 attacks.[3]

After the accused admitted to his involvement, he was charged with the crime of using a computer to defraud, a third-degree felony.[2]

Agencies involved in the investigation

[edit | edit source]

The FBI, the U.S. Secret Service, and the Florida Department of Law Enforcement[5] were the investigating agencies. Former US Congresswoman Debbie Mucarsel-Powell of Florida's 26th congressional district formally asked the FBI for a briefing on the issue.[6][7] US Senator Marco Rubio from Florida asked the Department of Homeland Security for information about the attacks as well.[8]

See also

[edit | edit source]

References

[edit | edit source]
  1. ^ Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).
  2. ^ a b Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).
  3. ^ a b Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).
  4. ^ Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).
  5. ^ Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).
  6. ^ Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).
  7. ^ Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).
  8. ^ Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).