A university has expelled a student for hacking the email accounts of several professors in an attempt to improve their grades.
Technion Institute of Technology, a public research institute based in Haifa, Israel, revealed the disciplinary actions it took against the student to Ynetnews:
“We are taking this case very seriously, as it is very unusual. The student, who acted in a manner that is most reprehensible, was punished severely by the disciplinary committee and was immediately and indefinitely expelled from the institution. A complaint was also filed against him with the police for the suspicion of cyber crimes.”
The university said the student is guilty of “implanting files for the purpose of transferring email from accounts of several professors.” With that level of unauthorized access, the student then took it upon themselves to change their grades. Their actions violated Technion’s acceptable use policy for university-owned computers.
At this time, it’s unclear which professors the student targeted.
Associate Dean for Undergraduate Student Affairs Prof. M. Orenstein says Technion disclosed the incident to its community in the interest of protecting honest students who don’t cheat:
“Cheating in tests and exams hurt honest students first of all, and so to better safeguard these students we notify all students in the faculty of verdicts given to those who were caught in their wrongdoing. These event are being made public is a way to inform you that this subject is important to us as is handled thoroughly, and so the name of the student is usually redacted.”
Incidents such as these aren’t unheard of. As noted by Bleeping Computer, computer criminals target universities with the promise of helping students get better grades. Bad actors sometimes stay true to their word, but other times, they just try to extort money from students or the university.
Acknowledging this threat, it’s important that universities not only make faculty and students aware of best security practices. They should also create information security degree programs and participate in hacking competitions. These efforts will help inspire, train, and challenge the IT security professionals of tomorrow.