CBI Investigates Hacking Incident in Jee Maine Examination, Three Director Arrested – E Hacking News
CBI (Central Bureau of Investigation) is investigating the chances of a
potential hack into TCS’ iON digital platform related to JEE Mains exam hack
which appeared recently. The suspected issue surfaced when CBI charged 3 Noida-based directors last week. iON of TCS is India’s biggest digital assistant
software provider. NTA (National Testing Agency) selected the iON to organize
national level examinations like JEE Mains and NEET, in a safe and secure way.
Besides conducting examinations, iON also provides logistics requisites for the
test, which includes the appointment of venue heads and management of test labs.
per sources, CBI is investigating various iON labs at different locations where
examinations were organized. TCS hasn’t said anything on the issue. As of now,
CBI has arrested seven accused of the incident, including three directors from
Affinity Education (a private coaching institute). iON doesn’t let any other
software or tool operate on its platform and also blocks internet access.
However, in this particular case, currently under investigation, the examination
center computers might’ve already had some external softwares pre-installed that
may have led to remote internet connection and gained access to systems during
the examination. It mostly happens with coaching centers in remote areas.
conspire with the venue heads and assist students screen share their exams and
someone else (most probably from the coaching institute) helps the students by
completing their exams. The students give around 2-3 lakhs per hacked system.
The systems have pre-installed external softwares prior to the examination.
Ethical hacker Sunny Nehra told BusinessLine,” these tools are externally
installed and connected with a Windows system through which remote access is
given. Though iLEON operating systems are very strong and hard to crack, the
company would have to identify the loopholes in the back-end and rework the
architecture of the software.”
Experts suggest that a candidate appearing in the
examination should only have the option to access URL-based links linked to the
exams, which once opened, won’t allow other applications to run until the exam
is over. It can be made possible by installing a network firewall at examination
centers, via which external traffic will flow. If firewall isn’t possible, endpoint security can be installed and the admin can use it to control and
restrict access to other softwares.