Iranian Hackers Target Universities For Secret Research

Uploaded on 2018-09-17 in INTELLIGENCE-Hot Spots-Iran, GOVERNMENT-National, FREE TO VIEW, NEWS-Cybersecurity News, TECHNOLOGY--Hackers

Hackers linked with the Iranian government are targeting universities and academic institutions around the world as part of a major campaign to steal unpublished research and obtain intellectual property, security researchers have revealed.

Cyber experts from IT firm Secureworks discovered the attacks, which they believe stem from the Cobalt Dickens group operating out of Iran. 

The hackers targeted 76 universities located in 14 countries, including Australia, Canada, China, Israel, Japan, Switzerland, Turkey, the United Kingdom, and the United States 

As the investigation is still ongoing into the hacking attacks, Secureworks has not shared the full list of universities. The campaign involved creating fake websites that resembled the login pages for each university.
Anyone who accidentally filled in their account name and passwords to the spoofed login pages would have handed the group their login credentials.

After filling in their details, victims would be automatically redirected to the legitimate website, meaning they may have been unaware that they had fallen for the hack.

Most of the domains for the fake websites were registered between May and August of this year, with the most recent registration on 19 August.

"The targeting of online academic resources is similar to previous cyber operations by COBALT DICKENS, a threat group associated with the Iranian government," a spokesperson for Secureworks said. 

"In those operations, which also shared infrastructure with the August attacks, the threat group created lookalike domains to phish targets and used credentials to steal intellectual property from specific resources, including library systems."

Earlier this year, the US Justice Department charged nine Iranians for conducting a massive cyber theft campaign on behalf of the Iranian government. 

The indictment alleged that the Iranians stole more than 31 terabytes of documents and data from more than 140 universities, 30 companies and five government agencies in the US.

"The hackers targeted innovations and intellectual property from our country’s greatest minds," US Attorney Geoffrey Berman said at the time.

"These defendants are now fugitives from American justice, no longer free to travel outside Iran without risk of arrest.  The only way they will see the outside world is through their computer screens, but stripped of their greatest asset, anonymity.”

It is unclear if these nine alleged hackers were involved in the latest attacks.

Independent:                  Image: Nick Youngson

You Might Also Read: 

The Resurgent Cyber Threat From Iran:

Iranian Political Influence Campaign Goes Global:

 

 

« Cybersecurity Needs A Collective Approach
A Cyber Attack Could Cause The Next Financial Crisis »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Caliber Security Partners

Caliber Security Partners

Caliber Security Partners is a full-service information security company, with a wide range of security services for clients with varying levels of security maturity.

Huntsman Security

Huntsman Security

Huntsman Security provides technology to enable real-time security monitoring and immediate visibility of advanced threats and compliance issues.

Signal Sciences

Signal Sciences

Signal Sciences Web Protection Platform (WPP) provides comprehensive threat protection and security visibility for web applications, microservices, and APIs on any platform.

Learning Tree International

Learning Tree International

Learning Tree's comprehensive cyber security training curriculum includes specialised IT security training and general cyber security courses for all levels of your organisation including the C-suite.

Temasoft

Temasoft

TEMASOFT is a software company focused on developing security and infrastructure products.

Cyber Police of Ukraine

Cyber Police of Ukraine

Cyber Police of Ukraine is a law enforcement agency within the the Ministry of Internal Affairs of Ukraine dedicated to combating cyber crime.

GoCyber

GoCyber

GoCyber is a new, highly innovative cyber security training app that uses action based learning to significantly improve the online behaviour of all employees in less than a month.

Energia Ventures

Energia Ventures

Energia Ventures is a three-month intensive accelerator for entrepreneurs with an innovative business in the energy, smart grid, cleantech, and cybersecurity sectors.

British Security Industry Association - CySPAG

British Security Industry Association - CySPAG

CySPAG is a special interest group within the British Security Industry Association (BSIA) focused on reducing the risk of product related cybercrime.

Symmetry Systems

Symmetry Systems

Symmetry Systems is a provider of data store and object-level security (DSOS) solutions that give organizations visibility into, and unified access control of, their most valuable data assets.

Financial Services Information Sharing and Analysis Center (FS-ISAC)

Financial Services Information Sharing and Analysis Center (FS-ISAC)

The Financial Services Information Sharing and Analysis Center is the only global cyber intelligence sharing community solely focused on financial services.

Clarabot Nano

Clarabot Nano

Nano is the secure file sharing tool to improve content search, data access and collaboration between multiple parties.

Kriptos

Kriptos

Kriptos helps businesses improve their cybersecurity, risk, and compliance strategies by locating critical information through a technology that automatically classifies and labels documents using AI.

Unisys

Unisys

Unisys is a global information technology company providing industry-focused solutions integrated with leading-edge security to clients in the government, financial services and commercial markets.

Virtual Infosec Africa (VIA)

Virtual Infosec Africa (VIA)

Virtual InfoSec Africa (VIA) is a wholly-owned Ghanaian company specializing in information security and cybersecurity solutions and services.

Fortress SRM

Fortress SRM

Fortress SRM protects companies from the financial, operational, and emotional trauma of cybercrime by improving the security performance of its people, processes, and technology.