Student Hacks and Rickrolls His School District in 2021, Presents at DEFCON 2022 in Las Vegas
Back in April of 2021, a student named Minh Duong in Township HS District 214 planned a senior prank that exploited the vulnerabilities in the district's IPTV system and within a new bell schedule system to "Rickroll" every classroom, a prank he and his friends called "The Big Rick."
This artfully executed takeover did not just occur in one high school building; It was deployed to ALL SIX high school buildings. The mastermind behind this scheme documented the entire process in this blog post. The students shared a 20+pp Pen Test Report with school administration after the event. The district's Director of Technology thanked them for sharing their findings and requested a meeting to review the information together. The students were assured they would not be disciplined but still met with administrators anonymously via Zoom after graduation. Thankfully the meeting was a success and the school district is now safer for it.
THE TAKEOVER WAS DEPLOYED AT ALL SIX HIGH SCHOOL BUILDINGS
DEFCON 2022 Minh Duong shared his process at DEFCON in Las Vegas in August 2022, as seen in this Twitter thread. He was probably one of the youngest (if not the youngest) presenters at the DEFCON conference this year. Cory Doctorow, a self-proclaimed "activist, author and enthusiast," posted a Twitter thread on Minh Duong's DEFCON presentation that expressed his admiration for what this student was able to accomplish and for the district's reasonable response. The Takeaway- Consider building student IT/Cybersecurity programs in your districts.
Issue 27
Data Security and Privacy Service
Made with FlippingBook Online document maker