As schools navigate unchartered territory and are forced to conduct classes online, they increasingly have to defend against hackers.
Last week Beaumont Unified School District issued an apology after students were exposed to pornography at Beaumont High School and Mountain View Middle School.
A message posted to Beaumont’s Aeries.net network explained that three classroom periods for one teacher were under siege by hackers.
As a result, a teacher claimed that her Google Meet classes would no longer be synchronous (in-person); rather, she would instead post recorded lessons for students to be completed independently.
The school district issued a statement: “On Aug. 17 and 18 Beaumont USD administrators were notified of a small number of online sessions that were interrupted by a hacker/hackers. During these incidents, inappropriate use of language and content of graphic nature were displayed. Beaumont Unified School District is committed to creating a safe and secure virtual learning environment for our students and staff,” and stressed that the district is working to implement added security measures including additional monitoring and collaboration software.
The district assures that it “takes these incidents seriously and is working with Beaumont Police Department to track down those responsible for the security breach of these sessions, and is prepared to prosecute” the offenders.
Beaumont is not alone in having to defend itself from hacking incidents.
On Aug. 23 Rialto Unified School District issued an alert that their network had been compromised with malware, causing the district to suspend its online classes as it works to figure out the depth of that malware’s repercussions.
In March, the FBI issued a warning of video-teleconferencing platforms being hijacked in the wake of the COVID-19 crisis — from one teacher in Massachusetts having an online Zoom class interrupted when an unidentified individual dialed in, yelled a profanity and shouted the teacher’s home address in the middle of instruction; another Massachusetts teacher was subjected to an online intruder exposing swastika tattoos.
Early last spring USC’s Daily Trojan student newspaper reported a confusing incident in which a hacker impersonated a student who was in a Public Policy and Law session that created an issue for the real student who was trying to persuade the professor to remove the intruder.
Last week students at Palisades Elementary School had their first day of online learning hacked.
A parent posted online that she was “beyond disgusted,” explaining “My 10-year-old son was having a great time on his zoom meeting with his class when they were hacked by what sounded to be Russians. Pictures of naked women and profanity popped up. This is so unacceptable!”
A couple of weeks ago at Placer Union High School in Auburn, Calif. a few classes on Google Meet were disrupted by pornographic content.
Churches and courts have also had their websites compromised, from folks attempting to access records from the Madera Superior Courthouse being redirected to a porn site instead; and St. Paulus Lutheran Church forced to sue Zoom when pornographic material was inadvertently introduced during an online bible study.
In what was deemed not to be an April Fool’s joke, administrators running Laguna Beach’s April 1 city council’s livestreamed meeting were challenged to efficiently mute or turn off the camera of unknown assailants interjecting a live pornographic display.
Top Class Actions, an online site that connects consumers to news and resources regarding class action lawsuits, reported in June that USC associate dean Victor Rios filed a class action lawsuit against Zoom after his 400-person video conference was interrupted by “a known offender” that had repeatedly afflicted virtual Zoom meetings with pornographic images of an adult portraying a sexual act on a crying infant, accusing Zoom of “unlawful sharing of users’ information with third-parties, including Facebook; failing to safeguard users’ personal information; failure to provide adequate security; and ‘unfair, unlawful, and deceptive business practices related to Zoom’s data security.’”
As of June, 27 state attorneys general and the FBI had publicly expressed concerns over Zoom’s security issues.
The FBI recommends users make Zoom meetings to be private, and require participants to provide passwords, and for hosts to have a “waiting room” function to control who’s allowed in on the call; avoid sharing meeting links on public online forums; and to limit screensharing to just the call’s host.
In Zoom’s official blog, founder and CEO Eric Yuan explains that “We did not design the product with the foresight that, in a matter of weeks, every person in the world would suddenly be working, studying and socializing from home,” and outlined a series of steps the company is taking to add more precautions and educate users to better defend against misuse. “We recognize that we have fallen short of the community’s — and our own — privacy and security expectations. For that, I am deeply sorry.”
Staff Writer David James Heiss may be reached at firstname.lastname@example.org , or by calling (951) 849-4586 x114.