Two sectoral bodies have warned that essay mills may attempt to hack university websites to secrete hyperlinks to contract cheating sites, thus duping students into using the prohibited services.
The warning from Jisc, the higher education IT provider, and the Quality Assurance Agency (QAA), the charity that monitors higher educational standards, came after universities in the United States of America and Australia were targeted by bad actors.
Together, Jisc and QAA have released advice to universities based on research by the Tertiary Education Quality and Standards Agency (TEQSA) in Australia, which first alerted the international HE community to the problem.
Jisc and QAA want university IT teams to remain vigilant, warning these activities are “often driven by organised crime”
The advice warns universities to remain vigilant of ransomware attacks, although they warn that attackers aim to go undetected. Attackers will insert code or links onto a university website, directing students to a cheating service. Some will use comment sections or discussion forums to distribute links to or propagate knowledge of illegal sites. Some even establish fake essay contests to harvest student work.
Jisc and QAA urge universities to secure all services with multi-factor authentification and strong passwords, alongside effective patch management policies.
We need action from governments and online platforms to make operation as difficult as possible
– Gareth Crossman, QAA
Jisc director of security Henry Hughes said: “Cyber attacks are a growing problem for colleges and universities and, as is probably the case with illegal essay mill activity, is often driven by organised crime.
“There are steps that can be taken to minimise risk, including using Jisc cybersecurity services that can block known malicious content, help mitigate phishing attempts and other forms of attacks against UK education and research.”
“Essay mills present a threat to the world-class reputation of UK higher education,” said QAA head of policy and communications Gareth Crossman.
“We need action from governments and online platforms to make operation as difficult as possible. This is why QAA is also campaigning for legislation to criminalise essay mills. We urge universities to follow the technical advice available from Jisc and to raise awareness among staff and students of the new tactics employed by essay mills. Users need to know what to look out for and how to report any suspicions.”