Posted on July 11, 2020 at 3:16 PM
CUP Cancels Exams After Hackers Accessed Online Question Bank
Following the recent hacking incident which saw the compromise of examination bank by hackers, the Central University of Punjab (CUP) has decided to cancel the examinations.
The Exam was held between July 6 and July 8, but it was recently discovered that hackers had already infiltrated the exam bank and gained access to the exam questions before the exams.
RK Kohli, Vice-Chancellor of the institution, stated yesterday that the hacking incident was discovered on Wednesday. The entire exams believed to have been compromised have been canceled.
“Lecturers have been requested to organize query papers for all topics and new dates of exams will likely be introduced quickly,” he reiterated.
Kohli said the institution got to know about the hack when some employees of the institution and some students got emails telling them the exam questions have been hacked.
The email was sent via end-to-end encryption and paid email service known as Protonmail. In the mail, there is a link that redirects the reader to entry to all questions the institutions used to set the exam questions.
Students from Kashmir and Jammu have been reporting and emailing CUP regarding the unavailability of digital screens and network issues.
Kohli said the institution has alerted law enforcement about the hacking incidence and investigation is going on currently.
Hackers took advantage of University’s use of online exam mode
As the current fight against COVID-19 is going on, the university decided to allow students to sit for the exams online and choose when they want to write their exams. However, the hackers saw a loophole and decided to exploit and unlawfully retrieve the stored questions.
According to sources from those who received the emails, the unidentified sender stated that the platform the university developed for the online exam is defective, as various students were not able to go through the online check on time.
Before this online exam process, the examinations were formerly taken on the campus by way of the intranet. But the online mode was recently adopted to offer an avenue the students can take the exams while sitting at home.
The University’s administration stated that it has successfully conducted two mock exams to test the security strength of the platform and concluded that the firewall was very effective at combating uninvited intruders.
Also, online entry to the financial institution was sent to the academics to add query papers. Although the system was password-protected, it still got compromised, and there are current investigations regarding the compromise of the system.
10 students had exceptional scores
The University also revealed that from the canceled examination, 10 students from a specific state had exceptional scores. Their results were also similar.
Each of the 10 students scored over 92% from the exam conducted within three days, which is far higher than what other students scored in the same exams.
An investigation into the situation ongoing
Kanwar Pal Singh Mundra, the University registrar, earlier stated that the mock check yielded good results as about 400 samples out of the 500 that participated in the mock had no issues.
The Indian police have taken up the hacking incident and are currently investigating the events that led to the attack. The law enforcement agency is looking at different possibilities to find out whether the hackers are linked to the academics or those who scored exceptionally high in the exams.
The report revealed that some of the students who scored fewer marks in the previous exams were among the top scorers this time, with most of those students coming from Kerala.
The CPU has been holding online exams since 2015, and the school has using computer-based multiple-choice questions. But there have been several complaints about the susceptibility and security issues of the question method. This prompted the University to use an examination app to conduct the exams. Unfortunately, it seems the app had security loopholes.