9 April 2021
TEQSA has been provided with examples of where Australian higher education provider websites appear to have been compromised by insertion of malicious code that redirects students to websites operated by illegal cheating services.
The researchers who informed TEQSA have identified four key types of malicious code in their scan of the 'edu.au' domain:
- Search query redirect – code inserted into a provider’s website to redirect students to a cheating service website from specific URLs.
- Content injection – embedding a link to a contract cheating website within a provider’s website.
- Comment injection – comments inserted to propagate or provide links to contract cheating services in discussion forums (especially in WordPress).
- Compromised recomposition – fake scholarship/essay contests inserted into provider websites, designed to harvest original student work that the commercial academic cheating companies then on-sell.
Such cyber security breaches on the 'edu.au' domain present a risk to student interests and the reputation of Australia’s higher education sector.
- TEQSA recommends your institution’s Chief Information Officer (or their equivalent) take immediate action to identify and remediate any malicious code insertions on your website or other online platforms.
- The Australian Cyber Security Centre has information on recommended mitigation strategies for Australian organisations, including a resource aimed at assessing security vulnerabilities and applying patches.
- TEQSA also recommends providers remind students and staff about the importance of academic integrity and the risk posed by illegal cheating services.
- TEQSA has developed dedicated suites of resources for academics and students to help strengthen academic integrity and combat illegal cheating services.
- TEQSA has also published advice for students on our website.
- Managing cyber security incidents helps ensure your institution remains compliant with the Higher Education Standards Framework, in particular, Standard 7.3.3 which requires providers to ensure information systems and records are maintained, securely and confidentially as necessary to “prevent unauthorised or fraudulent access to private or sensitive information, including information where unauthorised access may compromise academic or research integrity.”
Providers with any queries about this matter should email firstname.lastname@example.org.