Dark web schooling

Credit to Author: David Jacoby| Date: Fri, 21 Jun 2019 10:00:06 +0000

School exams not going quite according to plan? It can happen to anyone. Most of those affected will pick themselves up, retake the tests, or change their goals. But in a few cases, students may be tempted to cheat their way to success.

Over the years, an underground industry has grown up around that temptation, from discussion fora and how-to videos for hacking into your school system to fake certificates and diplomas available for sale on the black market. We decided to look into this a little and see what schools and colleges can do to protect themselves and their students.

How students use dark web diplomas and hacked grades to cheat their way to exam success

Getting access to grades

Many schools have introduced Web-based information platforms for school activities, homework, assessments, parent and teacher communications, and more. Some of these are open to the Internet, and many such platforms, including some of the most widely used, have a history of being vulnerable.

One of the most popular school information platforms is PowerSchool. PowerSchool is known to have carried a vulnerability (CVE-2007-1044) that would allow an attacker to list the content of the admin folder via a specially crafted URL. The impact of this vulnerability depends on the settings of the Web server and what the folder contains.

However, reported vulnerabilities and exploits such as this one do not allow an attacker to bypass the authentication or escalate privileges to gain access to the kind of information grade-hackers might be looking for. For that, there is an easier route: using account credentials.

PowerSchool’s gateway, like that of many other platforms is protected only by usernames and passwords.

Login pages of PowerSchool online system

In March 2019, students were alleged to have hacked into PowerSchool for the purpose of changing grades and improving their attendance records. And because people reuse account credentials on multiple sites, it is highly likely that these portals are being hacked using stolen or reused account details. These accounts can be obtained using different methods, from simply copying them from a sticky note on a teacher’s keyboard to actual hacking and credential harvesting on the school or college network. Alternatively, students can hire an underground hacker to do it for them.

Hacking services and forged diplomas on black markets

An online search on June 12 easily led us to an online offer for hacking services and authentic-looking forged certificates, diplomas, and degrees for a subject or institution of your choice. The process is clear and simple, with an order form and contact information.

An online black market that sells certificates and diplomas of different institutions

Improving security in education

So, what can schools, colleges, universities, and even employers looking for evidence of academic achievement do to make sure that what they are looking at is the real thing?

When it comes to certificates and diplomas, organizations should verify their authenticity with the issuing institution. If there is no record of that student obtaining that qualification, chances are you’re dealing with a fake.

In the case of Web-based information systems, a few essential measures will go a long way toward keeping staff, students, and information safe:

  • Introduce some form of two-factor authentication wherever possible, and particularly for access to student records, grades, and assessments. Set strong and appropriate access controls, so that it is not easy for a hacker to move laterally through the system.
  • On campus, have two separate and secure wireless networks, one for staff and one for students. It might also be a good idea to have a third, isolated network for visitors.
  • Introduce and enforce a robust staff password policy and encourage everyone to keep their access credentials confidential at all times.
  • Use a reliable security solution for comprehensive protection from a wide range of threats.


https://blog.kaspersky.com/feed/