SMU student accessed accounts to delete scripts

Kotsaga was worried he would not do well in exams, so he deleted his exam script and those of his 18 classmates.
Kotsaga was worried he would not do well in exams, so he deleted his exam script and those of his 18 classmates.

2 months' jail for Russian who 'logged' dons' passwords to erase exam scripts

When Singapore Management University (SMU) postgraduate student Georgy Kotsaga realised he would not do well in an examination, he deleted his script and those of his 18 classmates.

The 32-year-old Russian thought this would enable him to take the exam again.

What he did not realise was that SMU's information technology system made real-time backups. The scripts were recovered, and he was exposed as a cheat who had used a USB device to "log" the passwords of two professors and gain access to the school's eLearn system.

  • About keyloggers

  • Singapore Management University postgraduate student Georgy Kotsaga used a USB hardware keylogger to get his professors' user IDs and passwords.

    Keyloggers are used to capture and record users' keystrokes, which can reveal passwords and credit card details.

    They can come in the form of software or a small hardware device, usually plugged between a keyboard and a computer USB port. Unlike software keyloggers, hardware ones can start logging from the moment the computer is turned on, but are more easily detected since they are physical devices.

    Some non-illegal uses of keyloggers include monitoring children's Internet activities and ensuring company staff do not leak confidential information.

    Priscilla Goy

Yesterday, he was jailed for two months after pleading guilty to two charges under the Computer Misuse and Cybersecurity Act.

Deputy Public Prosecutor Nicholas Khoo said Kotsaga's attempt to delete his classmates' work "spits in the face of the education system".

The court was told how Kotsaga, driven by worries that his 3.09 grade point average would fall below 3.0 after the exam, decided to get the account details of the two professors teaching the modules he was weak in.

He bought a USB hardware keylogger from Sim Lim Square and plugged it into common desktop computers in the professors' classrooms to get their user IDs and passwords.

A keylogger is a computer program that records every keystroke made by a computer user, especially to gain fraudulent access to passwords and other confidential data.

On Nov 24 last year, when Kotsaga sat the final exam for the Law of Property module, he found it hard to answer the questions.

He went to the toilet and used his iPhone to access the eLearn Instructor account of Professor Tang Hang Wu. He spent around 20 minutes viewing the scripts of the other students taking the exam, hoping to find useful information.

After the exam that day, he accessed Prof Tang's account again, this time to view the exam script of a student who was top in the module.

Realising he would not do very well, Kotsaga deleted all 19 scripts.

Three days later, a student e-mailed the university to highlight how the system showed that she had not completed the exam.

Investigations went on to show that Prof Tang's account was used to delete all the scripts.

The device used to delete them was traced to Kotsaga's account.

Kotsaga, who was unrepresented, said it was his "stupid mistake".

He said no harm was caused; he was "under stress" and had wasted 2-1/2 years of his life and $100,000 in expenses and course fees.

He was in an SMU graduate programme that leads to a first degree in law.

DPP Khoo said Kotsaga's premeditated use of an external keylogger was a highly aggravating factor.

District Judge Jasvender Kaur, who took two other similar charges into consideration, said his actions were planned and persistent.

"Academic dishonesty is a breach of trust in relation to the institution, to fellow students as well as future employers," she said, adding that it also undermined SMU's reputation.

Kotsaga could have been fined up to $5,000 and/or jailed for up to two years for unauthorised access; and fined up to $10,000 and/or jailed for up to three years for unauthorised modification under the Computer Misuse and Cybersecurity Act.

A version of this article appeared in the print edition of The Straits Times on February 17, 2016, with the headline 'SMU student accessed accounts to delete scripts'. Print Edition | Subscribe