so our school received a threat recently. This threat was published on an intranet available to every computer in our school; the file was an MS Word file titled "VAROITUS.docx" = "warning". The metadata available on the file (properties) tells me when it was created, but not the computer. It also tells me how long it was worked on, only five minutes. So is there any additional metadata or anything that could reveal which computer it came from? Our computers wipe themselves of any changes after shut down, so the Y: intranet is used to save files. With good luck on our side and the origin known, the security cameras might reveal the perpetrator.
Our school is just north of Jokela, where there was a school shooting in 2007, we have plenty of students from there. Every class I heard of was deserted, with only one student in each. I strongly feel it was a sick "joke", so I want justice. The police is investigating it as an illegal threat, but all help was welcomed.
Threat message, de-capslocked and translated:
Warning!!! This is a warning of a future threat to this school! On Tuesday 27th of March there will happen an act, which will shock everyone at school that day! I apologize in advance for my actions, but I see no other options. I will do it at some point during the day, I won't specify further. Again, I'm sorry, but the world has been cruel to me. I will take it out on you. Burn in hell, all of you...