http://www.sun-sentinel.com/news/local/palmbeach/sfl-616hacker,0,2819449.story?coll=sfla-news-palm By MISSY STODDARD sun-sentinel.com June 16 2005 WEST PALM BEACH - Charges will be dismissed against a 19-year-old Inlet Grove High student charged with hacking the Palm Beach County School District's computers if he completes parts of a deal agreed to in court on Thursday.. Ryan Duncan, of Palm Beach Gardens, has agreed to pay $2,025 in investigative costs and complete 100 hours of community service. He also has to write a letter of apology to the district. Under the agreement overseen by Circuit Judge Lucy Chernow-Brown, the 100 hours of community can be waived if Duncan agrees to work with the school district and a create a program on the seriousness of computer crime. Investigators believe Duncan illegally obtained a password that allowed him to access district servers. Duncan may have received the login information by looking over the shoulder of a computer technician who was working at Inlet Grove High School in Riviera Beach, where the teen is a student, district spokesman Nat Harrington said in an April interview. Duncan was arrested that month by school district police and charged with offenses against intellectual property, a felony. He was released on his own recognizance. Under the terms of Duncan's release, he is allowed computer access only at work, sheriff's officials said. He hacked into the system on nine occasions between December 2003 and February 2004, according to court documents. He created his own administrator account that allowed him to create other user names and IDs, documents show. He caused little damage, but the potential impact "could have been catastrophic," an investigator reported. School district officials used his Internet Protocol address, a unique identifying number, to track him through Adelphia, his Internet provider. Duncan told investigators that he knew his actions were illegal, but he was doing it only to gain knowledge, according to the report. Harrington said the accounts Duncan created were deleted. In addition, the district requires users to regularly change their passwords. But no additional security measures were needed, Harrington said, since this was a matter of someone illegally obtaining a password, not a case of someone unlocking the codes of the district's computer system. "It wasn't a security breach. It was analogous to stealing someone's keys to their house," he said. Staff writers Akilah Johnson and Scott Travis contributed to this report. _________________________________________ Attend the Black Hat Briefings and Training, Las Vegas July 23-28 - 2,000+ international security experts, 10 tracks, no vendor pitches. www.blackhat.com
This archive was generated by hypermail 2.1.3 : Thu Jun 16 2005 - 23:15:38 PDT