Officials, schools ponder how to handle threats from other countries

Elizabeth Dunbar
St. Paul, Minn.

Share

Jefferson Elementary School
Students arrive at Jefferson Elementary School in the second day of a city wide school lockdown because of a vague Internet threat, in Minneapolis, Minn., Thursday, March 11, 2010. The Minneapolis Police Department continues to investigate to determine the significance of the threat reported on March 10.
AP Photo/Craig Lassig

Minneapolis school officials on Thursday lifted the "code yellow" lockdown at all the district's schools, but police said they are still trying to determine who posted the threats that prompted the heightened security.

The threats to the Minneapolis schools and a threat to a high school in St. Paul were found yesterday on social networking Web sites, including MySpace and Facebook.

Police were able to trace all the postings to an Internet server in Australia, and they have even identified the person connected to the IP address used. But that doesn't necessarily mean they know who posted the threat.

"That can be a complicated process, and it's more complicated by the fact that it's international," said Sgt. Paul Schnell, a spokesman for the St. Paul Police Department.

Create a More Connected Minnesota

MPR News is your trusted resource for the news you need. With your support, MPR News brings accessible, courageous journalism and authentic conversation to everyone - free of paywalls and barriers. Your gift makes a difference.

The Twin Cities case isn't the first time a school threat has been traced to a computer in another country. It's too early to say whether it's becoming more common, but it raises questions about how quickly police and school officials are able to determine whether a threat is credible.

Investigators must work with people who are in a different time zone. And depending on the country, there may be different laws about tracking Internet activity.

The speed at which investigators can find information about the threat also depends on how much the Internet user knows about computers.

"If somebody is sophisticated enough, and uses the anonymizers or just routes it through enough servers, it could get to the point where you can't even do it," said Kevin Bluml, a computer forensics consultant who also works as a security investigator for United Health Group.

"If you don't get the cooperation from the people involved, you might be stuck. You might never be able to tell where it ultimately came from," Bluml said.

While it's possible the person posting the threat is a sophisticated computer user, at least one expert said it's highly unlikely.

"It could be a student in Minnesota who simply said, 'Hey, friend or cousin or somebody in Australia, how about you post this?' Or maybe someone's on spring break in Australia and goes to a library to post it," said Robert Lelewski, a computer forensics consultant in Denver. "There's a lot of things that could have happened."

As for the Minneapolis school district's response, district spokesman Stan Alleyne said officials will review procedures to see if there's anything that should be handled differently in the future, including how officials communicate with parents and students.

"We're just in a time when you have to consider the social media --- the rapid pace that information spreads," he said. "We have to continue to work on being faster at spreading our message."

Gallery
Providing Support for MPR.
Learn More
Program ScheduleStation Directory