Back to Email phishing

Email phishing

Iranian hackers stole academic papers, including nuclear power research, from top universities

In September 2018, cybersecurity firm Secureworks discovered that academic papers on nuclear power development and cybersecurity were stolen from top British universities, including Cambridge and Oxford. The stolen information was sold online, using Whatsapp, Telegram, and certain websites in Farsi for as low as £2.

What happened?

The Iranian hackers allegedly obtained access to university systems and research databases by email phishing. Students and staff from the universities received fake emails prompting them to reset their passwords to access their academic research databases. The hackers used the credentials entered by unsuspecting users to log on to the academic databases and download the data.

Customers who were interested in purchasing research material on specific topics were instructed to send an encrypted message to a phone number using apps such as WhatsApp and Telegram containing the title of the paper they’d like to purchase. Once they made the payment, a copy of the stolen paper was emailed to them.

Six months prior, the US Department of Justice and UK’s National Cyber Security Centre revealed that Iranian hackers were targeting universities around the world. In spite of previous warnings, many universities appear not to have done much to prevent this kind of confidential data leak. To prevent further attacks and beef up security, Secureworks advises all universities to implement multi-factor authentication and set complex password requirements for accessing their online library database.

Don't want to make the news for the wrong reasons? Download ManageEngine Log360, the tool that can help combat internal and external security attacks.

How can ManageEngine help you identify threats?

ManageEngine Log360 can locate suspicious emails in your organization with the help of preconfigured reports based on:

  • Messages by subject keyword.
  • Messages by body keyword.
  • Attachments by file name keyword.
  • Attachments by file size.
  • Attachments by file extension keyword.

Start your free, 30-day trial today.

Latest DoS and DDoS attacks

Latest Brute force attack

Latest Crypto ransomware

Latest Advanced persistent threat (APT)

Compliance violation

Stay In The Know

Subscribe to our digest to get your weekly dose of cyber security updates straight to your inbox.

Please enter a business email id
 

By clicking 'I’m interested', you agree to processing of personal data according to the Privacy Policy

© 2019 Zoho Corporation Pvt. Ltd. All rights reserved.