Menu
Browse

Cyber Threat Actor: Jaykishan Sharma

Actor Type Location Known Incidents
 Icon
Activist
India
1 incident
Profile

Jaykishan Sharma, also known by the alias Jaykishan Sharma, is an individual threat actor based in India who came to public attention following a cyber incident in October 2020. He was identified after gaining unauthorized access to the computer systems of four schools located in the Sikar district of Rajasthan, where he issued fraudulent transfer certificates for 130 students. According to his confession to authorities, Sharma claimed that his actions were motivated by allegations that the schools had harassed families of children admitted under the Right to Education Act, although no independent verification of this claim was provided in the reporting. The incident was reported by cybersecurity news outlets, which noted that Sharma’s method relied on physical intrusion rather than remote exploitation.

Sharma’s targeting appears limited to the education sector within a specific geographic region, namely the Sikar district of Rajasthan, India. The strategic objective evident from the reported activity was the manipulation of academic records through the creation of unauthorized transfer certificates, which constitutes a form of data tampering intended to facilitate improper student movements. His tactics, techniques, and procedures involved posing as a guardian to gain physical access to school premises, employing a hidden camera to record login credentials entered by staff, and then using those credentials to log into the servers and alter records. No malware, exploit kits, or remote access tools were mentioned in the sources, indicating that the operation relied primarily on social engineering and credential harvesting rather than technical payloads.

Attribution to any state sponsor, criminal organization, or larger hacking group was not established in the publicly available information; Sharma acted as a lone individual without apparent affiliation to a broader network. The 2020 Sikar school server breach remains the most notable and publicly documented operation associated with him, highlighting how insider‑style social engineering combined with minimal technical tools can lead to significant disruption within educational institutions. The case underscores the importance of physical security controls and credential protection measures in environments where access is frequently granted to visitors posing as guardians or parents.

Incidents
Attributed incidents available to members
1 incident
Sources
Sources available to members
0 sources