Serviceteam IT Security News

University Hacker Sent to Prison

A student who hacked into a British university’s computer network and made thousands of dollars by selling the answers to exams has been sentenced to prison.

Hayder Aljayyash, who is 29 and was born in Iraq, was welcomed into the UK as an asylum seeker. Between November 2017 and May 2019, Aljayyash illegally accessed the computer system of the University of South Wales where he had been studying for a master’s degree in embedded system design. 

Cardiff Crown Court heard that Aljayyash had used “very sophisticated” cyber-criminal techniques to hide his digital intrusion for 18 months. 

Suspicions that a data breach had occurred at the university were aroused when mathematics lecturer Liam Harris discovered a number of students had answered exam questions with identical answers. Five of the students even gave answers that contained the same typing mistakes included in the original working papers. 

To ascertain the extent of the data breach, the university processed approximately 140 million login records. Their investigation led them to an IP address linked to a residence in Treforest where Aljayyash was living with 30-year-old housemate and fellow student Noureldien Ektarki. 

Libyan national Ektarki pleaded guilty to helping Aljayyash sell the unlawfully obtained exam answers to students.

Aljayyash was arrested by police on May 30, 2019. Prosecuting barrister Jim Davis said that a search of Aljayyash’s USB sticks and laptop revealed “numerous files which matched those downloaded as part of the university breach.”

It was determined that Aljayyash had acquired the login details of university staff using a key logging device, and had used them to access the network almost 700 times. 

Aljayyash downloaded 216 files from the university, including exam papers, marking, reports, and coursework. By selling copies of the illegally obtained documents, Aljayyash made approximately $27K.

Investigating the incident, finding the culprit, and implementing new cybersecurity measures cost the university around $138K. 

Aljayyash pleaded guilty to two counts of committing an act to impair reliability of data in a computer and three counts of obtaining articles by unauthorized access to computers. He was sentenced to 20 months in prison. 

Ektarki was given a nine-month suspended sentence and ordered to complete 200 hours of unpaid work after pleading guilty to money laundering and transferring criminal property. 

Source: Infosecurity Magazine

With over 20 years of experience, Serviceteam IT design and deliver sophisticated connectivity, communication, continuity, and cloud services, for organisations that need to stay connected 24/7. We take the time to fully understand your current challenges, and provide a solution that gives you a clear understanding of what you are purchasing and the benefits it will bring you.

To find out how we can help you, call us on 0121 468 0101, use the Contact Us form, or why not drop in and visit us at 49 Frederick Road, Edgbaston, Birmingham, B15 1HN.

We’d love to hear from you!

0 replies

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply