The standard Newspaper: Cyber Security: Rise of the student hacker
The University of Nairobi’s Bachelor of Information Systems graduate was previously charged with hacking into NIC Bank’s systems and with manipulating Safaricom’s computer system and stealing electronic airtime worth Sh20, 000.
In institutions such as Kenyatta University and JKUAT, hacking of university systems reportedly peaks towards the end of semester and during the graduation period when hackers tamper with school systems to adjust grades and fee balances.
“Most of the courses we are taught stress on ethical hacking, but lecturers can teach us other forms of hacking so that when someone opts to hack they do it for a good cause putting their integrity first,” says Reinhardt Bonnke, a computer science student specializing in graphics interfaces.
Many universities are sitting ducks. Their computer laboratories and networks are poorly secured; so with a flash disk, a student with hacking skills can interrupt the security systems and also personal accounts without the need to know the login details.
On campuses, students are not restricted to only using the devices provided by the schools in learning how to hack butalso use their own laptops and other devices. This makes it easy for the students to access the school’s networks the same way they do other public networks.
Besides adjusting grades and fees balances, the hackers also sell financial records and other important data to rival institutions of higher learning. Other institutions vulnerable to hacking and data breaches include banks, hospitals and government agencies, according to security appliances provider, Cyberoam.
Besides money, many of the institutions lose proprietary/confidential information, trade secrets and growth strategies to either internal or external forces. This has been attributed to the poor security of their networks, or of the data and information contained in them.
The upswing in hacking among university students has been blamed on the shriveling of job opportunities for university students and the free Internet access offered by most institutions.
Although a number of students are eager to profit from the underworld of unethical hacking, the majority of them only engage in hacking for fun and to see how far their computer skills go.
“By knowing how to hack a security system you also know how to safeguard it. Therefore, hackers should be given a chance to maximise their full potential instead of being put behind bars,” says Tabitha Gachoka, a Management Information Systems student at Daystar University.
“The education provided in Kenya does not create dangerous people in technology since the courses are not to the caliber of hacking, they are only concepts,” asserts Mageto Washington, CEO of Magtech Inc., a digital security company dealing with automation and procedural analysis of hardware systems.
Only a few institutions offer specialised courses on ethical hacking.
“We are taught how to make the world a safer place through technology by being taught ethical hacking and cryptography,” assures Renny Langat, a student at the Technical University of Kenya and a part-time developer at Simi Technologies.
Langat says the misconception that anyone studying information technology is doing so in order to hack a system and compromise the safety of its data is not helpful.
He said it would only be fair if the government established ethical hacking and cryptography as independent courses in universities that can be certified and not as offshoots of computer technology courses.
“If the government doesn’t establish ways of putting these young genius brains into good use, they will be lured into joining societies like ISIS,” warns Langat.
By: Stephen Teng’o | Updated May 11, 2017 at 11:00 EAT