There’s a scene in the iconic 80’s film Ferris Bueller’s Day Off where the hero logs into his school’s computer system and starts modifying his records. It’s a dream that’s probably passed through the thoughts of millions of young people over the years. If only I could just go and change a couple of those grades discretely, no-one would ever know.
Unfortunately as with nearly all ‘computer crimes’, committing is much, much easier than getting away with it. The problem is that it’s very difficult to hide your tracks online, one tiny mistake and there’ll be lots of markers pointing your way.
This is exactly what has happened to student Imran Uddin early this year. A bio-science student at the University of Birmingham, Imran decided that his projected 2:2 degree wasn’t quite good enough and decided to try and gain access to the Universities Exam system to modify his grades slightly – changing the scores on five exams in order to boost his grades.
His attack involved installing keyloggers into a selection of the Universities computers in order to steal staff passwords who had access to the exam recording system.
These are little hardware devices which you can pick up for a few dollars on the internet, that plug into the back of a computer and record every keystroke made on that keyboard. It’s the easiest way to steal usernames and passwords as it operates at the hardware level and you don’t need to worry about encryption and security. Imran managed to grab a handful of staff accounts including ones that were able to change the exam grades, where he duly modified his own.
Of course, the problem is that these devices have to be installed and can be identified if someone looks carefully enough. Which is what happened in this case, a technician performing an upgrade on some computers in the Bio-Science lab noticed the device. Of course then all the University computers were checked and staff found several more including one on the back of a computer in a staff only area.
After that all roads led back to Mr Uddin and when police checked his own computers they found a huge amount of incriminating evidence. There were ebay searches and purchases of the keylogging devices, evidence of a failed attempt to login to the University marking system plus loads of other forensic evidence incriminating him.
Which is mainly the problem with these computer crimes, although they’re pretty easy to commit, it’s very difficult to hide all this incriminating evidence when people start looking for it. There will be CCTV records of the keyloggers being installed, records of IP addresses and logins and of course simply looking at backups of the exam system will reveal logs of grades being modified. You can route your connection through Russian or Australian proxies but if you leave obvious clues elsewhere it won’t help you.
I once investigated a system where criminal records where accessed by someone who shouldn’t have had access. Looking at the logs of this system it took about ten minutes to find them – although there were hundreds of thousands of records the culprit stood out like a sore thumb. While every legitimate user of the system logged in and performed searches using an account in this format – USR1077672356, one account was logged in as Jamie333 (details slightly modified!). It was the first account checked and despite the individual being cunning (his name was not Jamie) it didn’t take long to find lots more evidence.
Mr Uddin was sentenced to six months and presumably lost his degree completely, he also faces the possibility of legal action from the University too. It’s impossible to know how many people actually get away with crimes like this, but one small mistake or piece of bad luck and it’s very simple to track the culprits down. Still kind of feel sorry for the guy though, but there’s definitely a lesson to be learnt here!