Case Study: Northwestern Lehigh School District
Catherine Venusto allegedly manipulated the grade records of both her daughter and son while they attended Northwestern Lehigh School District. In 2010, while employed as an administrative office secretary, Venusto allegedly replaced a failing grade with a medical M grade. Access to the online grade book was accomplished by masquerading with the stolen network credentials of the superintendent. After having left her employment had ended, Venusto allegedly continued to utilize the stolen credentials to modify the grade of her son in 2012. The accused modification of the son’s grade could have been prevented through periodic password expiration policies (Lupkin, 2012).
Case Study: Temple University
In a more technically savvy attack, college student Edwin Kim accessed the electronic grade book of Temple University. A keylogger was installed by Kim on administrative office’s university computer to collect the credentials of professors that used the targeted system. Later, the keylogger was removed and cleaned up by Kim who was then left in the possession of his professors account information. Kim’s modifications were caught when his professors noticed the discrepancies by his changes. Kim himself was caught because the grade system logs were used to trace his connection sessions back to his workplace and home (Gibbons, 2012).
Case Study: Palos Verdes High School
Rounding out the vulnerabilities to be addressed, Palos Verdes High School fellow victim to a three student team which targeted the physical security as their main vulnerability. The teenagers, unnamed by Altman (2012), broke into the school under cover of night to steal tests and install hardware keyloggers on their teachers machines. During subsequent break-ins, the keyloggers were collected and analyzed to extract their teachers credentials. This information was used to access the grading system and boost the intruders’ grades (Altman, 2012).Altman, L. (January 26, 2012). 3 Palos Verdes High students arrested in grade-tampering plot. DailyBreeze.com. Retrieved from: http://www.dailybreeze.com/latestnews/ci_19829634
Gibbons, M. (February 8, 2012). Bucks college student fails in attempt at an easy A. phillyBurbs.com Retrieved from: http://www.phillyburbs.com/news/crime/bucks-college-student-fails-in-attempt-at-an-easy-a/article_175726b7-b2c5-56ce-93ab-bbfb6abddcc4.html
Lupkin, S. (July 19, 2012). Mom Arrested For Hacking School Computers to Change Kids' Grades. abc News. Retrieved from: http://abcnews.go.com/US/mom-charged-hacking-school-computers-change-childrens-grades/story?id=16812838#.UKhiZoevuIM
No comments:
Post a Comment