Our software can be breached: Prometric

The US-based company that conducted the National Eligibility and Entrance Test (NEET) — held to admit students into postgraduate medical courses in December, 2016 — has admitted that their software “can be breached”. The company, Prometric, told this to the Delhi Police via teleconference, as part of the investigations into alleged hacking of the examination software, which allowed students to cheat.

The 20-page chargesheet, prepared by the central range of the Crime Branch, also states that the accused planned the hacking way in advance — even telling aspirants which examination centre to pick so they could cheat. As first reported by The Indian Express, the Delhi Police had arrested four people in connection with the case, and established that the servers used to conduct the examination were hacked. The chargesheet also states that supervisors of two examination centres in Chandigarh and Greater Noida, where the exam was held, helped some students cheat.

In the course of their investigations, police found that the exam-controlling body, the National Board of Examination (NBE), had given the contract to conduct NEET PG (2017) to M/S Prometric Testings Pvt Ltd. “They had sub-contracted with CMS IT Services Pvt Ltd to hire engineers, site supervisors and other staff to prepare exam labs and for actually conducting the NEET (PG) examinations at various exam centres from December 5 to December 13. Later, CMS IT Services Pvt Ltd had further tied up with M/S Apex Services to provide manpower and technical staff at the examination centres,” police stated in their chargesheet.

Police said the “agents and sub-agents” were active through the year in search of candidates ready to give money for a good rank. “After finding such candidates, the sub-agents informed senior agents, who had direct links either with the candidates or their parents. These agents were in constant touch with site supervisors, engineers and officials, who got posted at examination centres. They only advised the candidates or their parents to choose a particular examination centre,” a senior officer said.

In its chargesheet, police mentioned that M/S Prometric Testings Pvt Ltd failed to identify the alleged software — Ammyy Admin, which had been used by the accused to hack the exam. “The alleged persons, including site-supervisors, engineers and senior officials, managed to break open the security system of Prometric and, unlike other students, their selected candidates got internet access on their exam computers, which helped them to connect remotely with some other computer outside the examination hall,” police said.

Police found that a site-supervisor of the Chandigarh centre used the software to put students in touch with agents outside, who would then solve the papers and pass them to the students.