It is easy to think that a student who can hack into a school’s IT systems and alter his grades wouldn’t actually need to do such a thing as he or she would be a genius already. Apparently, if you think so, you’re mistaken!
A 16-year-old senior student at Tenafly High School has been charged in a New Jersey juvenile court for allegedly finding his way into the school’s IT systems and inflating his grades, and; using the exaggerated grades to find a place during the college admissions period.
But this is not the first time something like this has happened. In recent years, there have been similar cases of students trying to infringe their school’s systems to increase their grades to earn a place in top-flight colleges. In October 2015, the FBI arrested a former University of Iowa wrestler, Trevor Graves. The 22-year-old was charged with mounting hardware keyloggers on multiple computers in his school. He allegedly infringed on the private information of 250 students and staff members, a crime attributed to hackers and other cyber criminals found on the darknet. Also, he supposedly altered his grades more than 90 times from March 2015 November 2016.
Then, in September 2016, 19-year-old Chase Arthur Hughes was charged with allegedly using his lecturer’s account to access sensitive data. It is believed that Chase used the account to compromise the credit, medical and employment information of his tutor. After changing his grades from B to A, the teen went ahead to inflate the grades of a few other students from C and F to A. This form of cybercrime is not on a level of darknet marketplace drugs or weapons but the fear is that these little hacks lead the user down a dark road.
Again, in March 2014, Roy Sun received a three-month jail term when he was found guilty of trying to alter his grades- from F to A. According to authorities, the Purdue University former student teamed up with his friend Mitsutoshi Shirasaki to break into their tutor’s offices. Inside the offices, the two installed keyloggers onto the computers. Then, they were patient enough to hack into the computer systems of the university ten minutes before the deadline for the professor’s submission of the semester grades.
The high school student’s name has been withheld because he is a minor. However, he has been suspended from school immediately after the officials noted the breach. According to this report, the school management also decided to rescind the transcripts, which had also had a strong impact on his overall GPA.
The pressure to pass exams is for every student and this case has brought about a heated debate about the pressure that students have to go through daily in school. Even smart students don’t always get good grades. Sometimes, in this growing competitive world of admissions to good colleges, even the best grades aren’t just good enough, and this entices some students to try some ‘workarounds.’
Ashley Kipani has been a high school teacher for over 15 years. He says that for most students, the pressure to cheat in examinations is always high. According to him, the pupils look towards getting good points and view it as a way of scoring strong AP credits and a ticket to elite colleges.
With such pressure, hacking cases from schools such as Tenafly shouldn’t surprise anyone. At least, the case is just one of the many in which students are trying to hike up their grades.
However, all this behaviour is not within the statistics of 2017. In fact, as of August 2017, a report revealed how students are able to use digital currency from a bitcoin wallet or a bitcoin debit card to easily and with anonymity hire a hacker online. In all the cases that students have been caught hacking into school IT systems, similar trails showed that they were not smart enough. For instance, in the Purdue case, even the authorities said that the hackers did not hide their IP addresses. As if changing their professor’s login details wasn’t enough, they were not subtle enough in the process of changing their grades.
However, the blame is largely on the school system. For many years, college officials have admitted that their school’s academic IT systems have an open design which makes them less secure. At the Boston 2014 SANS Security Leadership Summit, members of the higher education IT panel said they try to remain reasonably safe with their systems. But they admitted they could never dictate the security control.
According to Sherry Horeanopoulos from Fitchburg State University, the systems are designed to be wide open and unguarded, and as a result may be susceptible to outside attacks, as was the case with millions of hacked email addresses at a handful of top American college campuses. According to the officer, the environment is bottom-up and poses a great challenge for top-down approaches to work against it.
However, it is clear that since students and professors want to access resources from school systems, the universities need to take extra measures. Two-factor authentication (2FA) for example, will be helpful for the student management systems and most ideal for managing the entry point of the system.