Some colleges and universities that have been receiving e-mailed bomb threats over the past several weeks encountered a new development Monday morning when they opened messages sent over the weekend claiming that an attack would occur at an unnamed campus today -- the anniversary of the September 11 attacks.
Officials from the Federal Bureau of Investigation continue to maintain that they are taking all threats seriously but want to avoid any overreactions. On August 29, the Behavioral Analysis Unit of the FBI's National Center for the Analysis of Violent Crime in Quantico, Va., which handles all written or verbal threats, concluded that the messages received up to that point posed a "low probability of violence." The FBI's investigation is pursuing possible links between Monday's threats and previously e-mailed messages -- all of which were hoaxes -- but officials could not confirm if they had found a connection.
But at Kenyon College, which received threats on Monday, S. Georgia Nugent, the president, said, "One thing we do know is that this one came from the same server as the last one. That would lead us to believe that this is part of the pattern." Past threats have originated from servers that "anonymize" the original sender's IP address or location.
At least five other institutions received versions of the same message, including Cornell University, the Universities of Akron and Iowa, and Skidmore and Swarthmore Colleges. Several have been recipients of threats over the past few weeks and continue to work with the FBI, the Department of Homeland Security and local authorities. The messages do not mention the name of the college or university that received them, and often, as in the previous cases, multiple copies are sent to an individual institution.
At Iowa, despite Monday's e-mails, the threats "seem to be tapering off" recently, said Steve Parrott, the director of university relations. Officials are "being a little bit more circumspect about alerting everyone right away" due to the random and vague nature of the messages, he said.
Kenyon's experience provides a case study of the nature of the threats. "What we believe we’ve ascertained is that the buildings' names as well as the individual addresses to which these are sent are pretty much ... following sequentially through our contact pages on our Web page," Nugent said. In other words, officials have theorized that the perpetrators found the "Contact Kenyon" page and looked at the first entry, for the admissions office, which lists its location (Ransom Hall) and the e-mail address where the threats were received. Previous messages in the past two weeks have mentioned specific locations on campus.
There is some speculation that the duplicates are a result of the unreliable nature of anonymizing servers: theoretically, resending the threats would increase the probability that at least one message would reach its destination. In the case of the previous batch of threats, which went out to at least 21 different colleges, the server was reportedly located in Europe.
In the course of its investigation, the FBI has been monitoring the e-mail list of the International Association of Campus Law Enforcement Administrators, where many colleges and universities have been sending threats they receive, and forwarding the messages to the analysis unit in Quantico, said Jeff Allison, the special adviser on campus public safety at the FBI's Office of Law Enforcement Coordination. The FBI has been encouraging campus safety officials to contact their nearest FBI field office as soon as they receive threats.
Even if they’re not requesting FBI resources, Allison said, it's important for piecing together a "national scope picture" of the threats.
"My hope is that our best shot of resolving this is for us nationally to band together and try to understand what we can about this," Nugent said.