EXECUTIVE SUMMARY:

Recently, it was reported that cyber criminals with ties to the Iranian government attempted once again to infiltrate universities, this time in the UK. The hackers, suspected by researchers to be the Cobalt Dickens threat group, set up more than 300 phony university web pages and login pages in an effort to steal intellectual property (IP) and sensitive research. The group has run the same campaign in 14 other countries, including the United States, Australia, Canada, China, Israel, Japan, Switzerland, and Turkey.

According to The Independent, users who visited spoofed login pages would have essentially revealed their login credentials as they attempted to log on. Adding to the problem, as The Independent reports, “After filling in their details, victims would be automatically redirected to the legitimate website, meaning they may have been unaware that they had fallen for the hack.”

Reportedly, Cobalt Dickens has been caught committing intellectual property theft in the past. Security researchers believe that universities are an attractive target because they are less regulated than finance or healthcare organizations.

Earlier this year, the US Department of Justice (DOJ) charged nine Iranians with committing massive cyber theft at the behest of the Iranian government. According to the indictment, the cyber criminals stole at least 31 terabytes of documents and data from more than 140 universities, 30 companies, and five government agencies in the United States. It is not clear whether these nine hackers have ties to the more recent university attacks.

As less regulated organizations at the forefront of research and innovation become more targeted, preventive cybersecurity systems and anti-phishing technologies become more critical, not to mention training employees to recognize phishing scams.

Get the full story at The Independent.