Satoshi Nakamoto Blog
Image default
data breach Exploit Hacked Hackers Hacking information technology Malware Privacy Security Vulnerability

Cybercriminals Targets Institutions and Universities in the UK


Posted on
October 31, 2018 at
3:11 PM

Some students in UK universities were sent phishing emails in order to gain access to their credentials. The attackers further created a similar website of the universities they targeted.

Iranian cybercriminals according to reports tried hacking into UK universities that offered government approved cybersecurity courses. The attack took months with the group targeting over 18 British universities. The report also indicated that these attacks included some renowned institutions including less popular universities, which has been certified by the National Cyber Security Centre (NCSC) to offer degrees in cybersecurity.

However, it is not clear if the universities at the center of these attacks were not included due to their affiliation with the NCSC. Nevertheless, NCSC half of the universities targeted had NCSC certification. There are rumors that the attack is related to a campaign held previously where dozens of universities were hacked with their research materials published on two Iranian websites.

Phishing for University Credentials

The attackers in trying to lure the students’ sent phishing emails to those with UK university logins in order to give up their passwords. Regrettably, certain students at the Lancaster University fell for the scheme and entered their credentials. Nevertheless, the University was swift to reset the password of those affected. Investigations were carried out to ascertain if the hackers have collected sensitive data.

The hackers further created fake websites that look similar to the universities sites they targeted. A fake website for Lancaster University and Warwick University were created in May and June respectively. However, those liable of attacking these universities took advantage of the internet “green padlock” system to lure victims into giving up their credentials by using padlock certificates gotten from the US Company “Let’s Encrypt”

Australian University hacked by Chinese Hackers

Recently, Australia’s top-ranked university had to spend months to deal with the threat to its computer systems, which experts said was compromised by Chinese hackers. Hackers breached the networks at the Australian National University, which was later traced to China. In a statement, the Australian National University informed the public of no research, student, or staff information was stolen by this latest threat. In a swift reaction, the government indicated that “nation states and criminal groups” were known to steal intellectual property while targeting universities. However, China wasn’t named as the instigator of the attacks. The government spokespersons in an email said the government is working closely with the university to find the underlying cause of the incident.

Previously, the Australian’s cybersecurity agency had blamed foreign intelligence service without proper investigation for a 2015 malware attack. Tim Wellsmore of FireEye Inc. said, “We don’t have information on this specific incident but organizations which conduct research with defense applications are regular targets of advanced cyber-attacks.”

Summary

Article Name

Cybercriminals Targets Institutions and Universities in the UK

Description

Some students in UK universities were sent phishing emails in order to gain access to their credentials. The attackers further created a similar website of the universities they targeted.

Author


Ali Raza

Publisher Name


Koddos

Publisher Logo





Source link

Related posts

Facebook can’t keep you safe

satoshi

BIG Blockchain Intelligence Group launches center to notify on crypto thefts

satoshi

AI Weekly: 6 important machine learning developments from AWS re:Invent

satoshi

Apple restores internal iOS apps for Facebook and Google after row

satoshi

Networked knitting machine: not your average knit one, purl one

satoshi

REMME Is on Track to Deliver a Password-less Future with Blockchain

satoshi