Security researchers have revealed how a hacking group, possibly linked to Iran, is targeting the UK universities in an attempt to obtain unpublished research and student credentials.
Cyber experts from IT firm Secureworks have discovered spoof URL pages for several universities, which would ask victims to enter their login details before bouncing them to their institution’s correct address.
They believe that the hackers have also targeted universities from Australia, Canada, China, Israel, Japan, Switzerland, Turkey, the United Kingdom, and the US.
Rafe Pilling, a senior researcher for CTU, told Sky News this follows a very similar case in which nine Iranian nationals were charged with cyber theft in March.
“When that happened the estimated damage to universities was $3.4bn (£2.6bn). These are paid for resources which they are either looking to resell or otherwise monetise. This is an ongoing threat, particularly because there was an indictment before. It is not necessarily the named people on that indictment, but this has continued and it doesn’t seem to have been sufficient deterrent to make anyone stop.
“We may have disrupted it but universities should remain vigilant to this and make staff and students aware,” he added.