ST. BONAVENTURE, N.Y. — Three departments of the Federal Bureau of Investigation pored over St. Bonaventure University’s internal investigation into the racist hacking of a university Zoom conversation on June 5.
The overseas botnet IP addresses the hackers used make further investigation especially difficult, but that fact leads both federal and university officials to believe the hackers were “almost certainly not members of the university community,” said Dr. Dennis DePerro, university president.
The hackers had a history of botnet activity and their IP addresses were linked to servers as far away as Germany, India and Macedonia, said Dr. Michael Hoffman, SBU’s associate provost and chief information officer.
The Criminal, Cyber, Response and Services Branch (CCRSB), Civil Rights Division, and White-Collar Crimes squad each looked at the Zoom-bombing materials provided by SBU’s Office of Technology Services.
“Each unit determined that the words and actions, although horrible, hate-filled and racist, didn’t rise to the level of a hate or internet crime to allow them to investigate further,” said Gary Segrue, director of SBU Safety and Security.
The university’s Safety and Security Office consulted with the New York State Police Computer Crime Unit before passing on the Technology Services review to the FBI.
More than one user hacked into the Zoom session, conducted in the aftermath of the George Floyd killing, and uttered racial epithets and drew swastikas and other offensive images on the PowerPoint presentation. They were quickly removed from the session, which continued without further incident.
“This doesn’t change the fact that this was an outrage and a crime upon our community,” said Dr. Dennis DePerro, university president. “What I stated the day the incident occurred holds true: Any action going forward that rises to this despicable level will result in the most severe penalty if the offender is a student or employee — expulsion or termination.”
The university’s goal now is to tighten its Zoom security measures, especially for large-scale community meetings that would be more likely to attract hackers, DePerro said. Tech Services established a webpage for employees to find resources for securing a Zoom room.
