UI computer security increased after keyloggers used to change grades

By  | 

IOWA CITY, Iowa (KCRG-TV9) -- The University of Iowa says it now has a safer intranet.

That's after the F.B.I. says a former wrestler was able to hack in to change grades. F.B.I. agents arrested Trevor Graves, a 22 year old former University of Iowa wrestler, last week. He faces hacking charges for allegedly breaking into university computers to change his grades and get his exams early.

The F.B.I. said Graves used what is known as a keylogger. That is software that copies everything typed into a computer, including user names and passwords. Investigators said Graves attached keyloggers to university computers. After a professor or administrator logged on, he was able to see the user name and password. He accessed about 250 accounts, including for faculty. That's how the F.B.I. said Graves was able to access practice exams and test scores. A computer specialist in Iowa City said the hack from keyloggers could have been much worse.

"What if a high level administrator happens to log on to that computer? Now their log in credentials are taken. Now someone has access beyond what that student thought they were going to do with raising their grades. Now we're talking about maybe research data could get accessed or whatever," said Greg Johnson, the director of Iowa City Technology Solutions.

Johnson said keyloggers are easy to use and are difficult to detect.

"It's not that obvious. It's quiet. It's in the background. It's also pretty simplistic so it could be a variant or a variation of a keylogger where it's not picked up by normal anti-virus software," said Johnson.

University officials said they have improved physical security on classroom computers to prevent this from happening again. A two step log-in program was also introduced for added security.