Complex Made Simple

Hackers are targeting students with nearly undetectable techniques

As we near the beginning of the school year, a new report was released by SecureWorks and it details troubling news: How universities are victims of a spoofing attack by the Cobalt Dickens group in Iran.

The Cobalt Dickens group is infamous for stealing intellectual property from various universities between 2013 and 2017 until being discovered and indicted by the US Department of Justice.

It was recently revealed by SecureWorks that these hackers were still active with extensive operations in effect: “researchers discovered a URL spoofing a login page for a university. Further research into the IP address hosting the spoofed page revealed a broader campaign to steal credentials. Sixteen domains contained over 300 spoofed websites and login pages for 76 universities located in 14 countries, including Australia, Canada, China, Israel, Japan, Switzerland, Turkey, the United Kingdom, and the United States.”

Read: Learning Arabic- The key for social and professional 

How does it work?

How the hack would work, according to the report, is by using the universities login pages to deceive students into “entering their credentials into the fake login page, victims were redirected to the legitimate website where they were automatically logged into a valid session or were prompted to enter their credentials again. Numerous spoofed domains referenced the targeted universities’ online library systems, indicating the threat actors’ intent to gain access to these resources.”

The hack was found to be targeting university property such as library books, research material and other property that is usually exclusive to professors and students at said universities.

The repercussions of these hacks come down to the cost of research material stolen which the university will have to pay.

Read: GCC’s Apple Macs are under attack: Has the issue been solved?

What’s the damage?

The losses could be astronomical. CTU analysis, a cybersecurity firm, told Sky News: “When similar attacks happened (by the same group) between 2013 and 2017, the estimated damage to each university was at $3.4bn.”

“These are paid for resources which they are either looking to resell or otherwise monetize.”

In the US, overall, universities are said to be spending $139bn a year on research, and in the UK, $7.4bn, according to The Guardian, in 2015-2016.

The Guardian spoke with an academic publisher, who claims to be publishing 75 research books each year, exclusive to university libraries.

The property stolen from these academies might include research papers, case reports and case series, position papers, species papers, and technical papers.

“Depending on the institution researchers and professors usually publish 1 to 2 papers per year,” a user on ResearchGate, a research community online.

Read: The UAE leads the “remote working revolution” in the region