Iranian Hackers Target Universities For Secret Research

Uploaded on 2018-09-17 in INTELLIGENCE-Hot Spots-Iran, GOVERNMENT-National, FREE TO VIEW, NEWS-Cybersecurity News, TECHNOLOGY--Hackers

Hackers linked with the Iranian government are targeting universities and academic institutions around the world as part of a major campaign to steal unpublished research and obtain intellectual property, security researchers have revealed.

Cyber experts from IT firm Secureworks discovered the attacks, which they believe stem from the Cobalt Dickens group operating out of Iran. 

The hackers targeted 76 universities located in 14 countries, including Australia, Canada, China, Israel, Japan, Switzerland, Turkey, the United Kingdom, and the United States 

As the investigation is still ongoing into the hacking attacks, Secureworks has not shared the full list of universities. The campaign involved creating fake websites that resembled the login pages for each university.
Anyone who accidentally filled in their account name and passwords to the spoofed login pages would have handed the group their login credentials.

After filling in their details, victims would be automatically redirected to the legitimate website, meaning they may have been unaware that they had fallen for the hack.

Most of the domains for the fake websites were registered between May and August of this year, with the most recent registration on 19 August.

"The targeting of online academic resources is similar to previous cyber operations by COBALT DICKENS, a threat group associated with the Iranian government," a spokesperson for Secureworks said. 

"In those operations, which also shared infrastructure with the August attacks, the threat group created lookalike domains to phish targets and used credentials to steal intellectual property from specific resources, including library systems."

Earlier this year, the US Justice Department charged nine Iranians for conducting a massive cyber theft campaign on behalf of the Iranian government. 

The indictment alleged that the Iranians stole more than 31 terabytes of documents and data from more than 140 universities, 30 companies and five government agencies in the US.

"The hackers targeted innovations and intellectual property from our country’s greatest minds," US Attorney Geoffrey Berman said at the time.

"These defendants are now fugitives from American justice, no longer free to travel outside Iran without risk of arrest.  The only way they will see the outside world is through their computer screens, but stripped of their greatest asset, anonymity.”

It is unclear if these nine alleged hackers were involved in the latest attacks.

Independent:                  Image: Nick Youngson

You Might Also Read: 

The Resurgent Cyber Threat From Iran:

Iranian Political Influence Campaign Goes Global:

 

 

« Cybersecurity Needs A Collective Approach
A Cyber Attack Could Cause The Next Financial Crisis »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

National Institute of Standards & Technology (NIST)

National Institute of Standards & Technology (NIST)

NIST is a measurement standards laboratory, and a non-regulatory agency of the United States Department of Commerce. Areas covered include IT and cybersecurity.

Luxar Tech

Luxar Tech

Luxar's network visibility products enable enterprises and service providers to monitor network traffic, improve security and optimize efficiency.

Data Resolve Technologies

Data Resolve Technologies

Data Resolve offer a mechanism through which customers can detect and tackle various kinds of sensitive activities pertaining to data loss and data theft.

Fox-IT

Fox-IT

Fox-IT prevents, solves and mitigates the most serious cyber threats with smart solutions for governmental bodies, defense, law enforcement, critical infrastructure, banking and large enterprises.

WeSecureApp (WSA)

WeSecureApp (WSA)

WeSecureApp is specialized in providing Cyber Security Solutions to safeguard your applications and networks.

Claranet

Claranet

Claranet are experts in modernising and running critical applications and infrastructure through end-to-end professional services, managed services and training.

CRYPTTECH

CRYPTTECH

CRYPTTECH specializes in Information Security and Intelligence, Risk Evaluation and Vulnerability Recognition against Cyber-Attacks and APTs.

TUV Rheinland Group

TUV Rheinland Group

TUV Rheinland Group is a testing services company with nearly 145 years of technological experience. We help you to protect your systems comprehensively, proactively and permanently.

Penningtons Manches Cooper

Penningtons Manches Cooper

Penningtons Manches Cooper is a leading UK law firm providing high quality legal advice in areas including Data Protection, Cyber Security and Cyber Crime.

ThreadStone Cyber Security

ThreadStone Cyber Security

ThreadStone Cyber Security offer reliable, practical and affordable cyber security solutions for both large and smaller organizations that we develop and deliver ourselves from Europe.

Corellium

Corellium

Corellium are dedicated to supporting our peers in the ARM community who seek to build more secure, performant, and accessible software and devices.

Fifosys

Fifosys

Fifosys is a professional technology infrastructure specialist, delivering a broad portfolio of high quality technical and strategic managed services.

PA Consulting

PA Consulting

PA Consulting Group is a consultancy that specialises in strategy, technology and innovation. Our cyber security experts work with you to spot digital and technology security risks and reduce them.

Pathlock

Pathlock

Pathlock (formerly Greenlight) help enterprises and organizations automate the enforcement of any process, access, or IT general control, for any business application.

RSK Cyber Security

RSK Cyber Security

RSK Cyber Security are a leading cyber security services company that uses services, consulting, and product knowledge to lower security risk across the board.

Dynamic Standards International (DSI)

Dynamic Standards International (DSI)

Dynamic Standards International is a global standards development organization which develops certifiable ‘dynamic standards’ that pace with fast-evolving landscapes.