BACKGROUND:
The Proofpoint has uncovered an Iranian group called “SpoofedScholars” targeting universities and academic individuals. It is believed that the group has successfully compromised the website belonging to the School of Oriental and African Studies (SOAS) and the University of London to try to steal the confidential information. They also operate with a different name “Charming Kitten” and mainly target in US and UK using sophisticated techniques.
Experts Comments
This attack heavily relied on social engineering, and so, highlights the need for institutions to educate staff and students by running phishing exercises and raising awareness of the latest attack vectors through threat intelligence research. In much the same way that dirt is good for the immune system, exposing employees to the techniques used by cyber attackers is extremely important. Furthermore, organisations should also provide staff and students with comprehensive protection from
.....Read MoreThis attack heavily relied on social engineering, and so, highlights the need for institutions to educate staff and students by running phishing exercises and raising awareness of the latest attack vectors through threat intelligence research. In much the same way that dirt is good for the immune system, exposing employees to the techniques used by cyber attackers is extremely important. Furthermore, organisations should also provide staff and students with comprehensive protection from external threats covering network, email, and host-based monitoring to spot attacks, implementing an extra layer of defence.
For students and staff associated with institutions affected by this attack it is important to remain cautious and act as if your details have been breached until notified otherwise. Also consider the password you utilise for associated accounts, if this has been duplicated on other accounts, this should be changed promptly.
Read LessLinkedin Message
@Lewis Jones, Threat Intelligence Analyst, provides expert commentary at @Information Security Buzz.
"..."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/experts-insight-on-iranian-hackers-posed-as-british-based-academic
Facebook Message
@Lewis Jones, Threat Intelligence Analyst, provides expert commentary at @Information Security Buzz.
"..."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/experts-insight-on-iranian-hackers-posed-as-british-based-academic
This sort of attack is, in truth nothing, new. It is simply a well-orchestrated phishing attack designed to steal usernames and passwords from targeted groups of people. It is very easy to create a “fake” version of a legitimate website and hide the bad intentions without the victims noticing. This time, however, the alleged Iranian hackers found it easier to compromise a legitimate website instead of harvesting credentials. While logging onto sites using social media credentials such as
This sort of attack is, in truth nothing, new. It is simply a well-orchestrated phishing attack designed to steal usernames and passwords from targeted groups of people. It is very easy to create a “fake” version of a legitimate website and hide the bad intentions without the victims noticing. This time, however, the alleged Iranian hackers found it easier to compromise a legitimate website instead of harvesting credentials. While logging onto sites using social media credentials such as Google, Facebook & Microsoft offer convenience to people, it also offers convenience to hackers; if they can fool you into giving away those credentials they can get into a lot more systems, including your email where all the password reset notifications go. It's like getting the keys to the kingdom. It is more important than ever to ensure that you and your users are not using a known compromised password.
Linkedin Message
@Steven Hope, CEO and co-founder, provides expert commentary at @Information Security Buzz.
"..."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/experts-insight-on-iranian-hackers-posed-as-british-based-academic
Facebook Message
@Steven Hope, CEO and co-founder, provides expert commentary at @Information Security Buzz.
"..."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/experts-insight-on-iranian-hackers-posed-as-british-based-academic
Unfortunately, higher education institutions are at high risk of being targeted by cybercriminals as they harbour highly sensitive information on both individuals as well as on-going, cutting-edge research. Indeed, they are home to some of the most advanced research projects in the world. Moreover, due to a prevalent use of emails and lack of security awareness training among staff and students, the chances of someone falling victim to a phish are rather high.
This cyber-espionage attempt by
.....Read MoreUnfortunately, higher education institutions are at high risk of being targeted by cybercriminals as they harbour highly sensitive information on both individuals as well as on-going, cutting-edge research. Indeed, they are home to some of the most advanced research projects in the world. Moreover, due to a prevalent use of emails and lack of security awareness training among staff and students, the chances of someone falling victim to a phish are rather high.
This cyber-espionage attempt by the Iranian group, “Charming Kitten”, demonstrates an urgent need to train students and professors alike to spot suspicious emails. Some top tips include checking the email address as well as the sender (if it's from @gmail.com it's probably not a legitimate organisation), looking for grammatical mistakes, or a strange sense of urgency in the messaging. If an individual realises they have been breached, they should immediately take action by changing their personal password and alerting the university.
Read LessLinkedin Message
@Jamie Akhtar, CEO and Co-founder, provides expert commentary at @Information Security Buzz.
"..."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/experts-insight-on-iranian-hackers-posed-as-british-based-academic
Facebook Message
@Jamie Akhtar, CEO and Co-founder, provides expert commentary at @Information Security Buzz.
"..."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/experts-insight-on-iranian-hackers-posed-as-british-based-academic
It’s unusual but not unheard of for malicious actors to contact individuals as part of their attack profile. Earlier this year, for example, young patients at the Vastaamo Clinic in Finland were approached individually by the perpetrator of a Ransomware attack when the company refused to pay them itself. In this case, targeting academics is a fairly safe undertaking as they represent a vast, multinational community and their job is to collaborate. To this end, things like conference
.....Read MoreIt’s unusual but not unheard of for malicious actors to contact individuals as part of their attack profile. Earlier this year, for example, young patients at the Vastaamo Clinic in Finland were approached individually by the perpetrator of a Ransomware attack when the company refused to pay them itself. In this case, targeting academics is a fairly safe undertaking as they represent a vast, multinational community and their job is to collaborate. To this end, things like conference invitations are commonplace and a good cover for the attack described by Proofpoint in their report. The best defence for any individual who may be targeted is critical thinking. Always question messages, corroborate information and check credentials independently. It’s often a good idea, if conferences and events make up a substantial part of your work, to set up a separate email account etc. for event registrations to sandbox your regular contact details. Most people do this to stop all of the post-event marketing material but it’s a good protection tool too. I’m sure these types of attacks will grow in popularity as the methodologies become known so getting a head start and training yourself to be circumspect and cautious can only be a good thing.
Read LessLinkedin Message
@Brian Higgins, Security Specialist, provides expert commentary at @Information Security Buzz.
"..."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/experts-insight-on-iranian-hackers-posed-as-british-based-academic
Facebook Message
@Brian Higgins, Security Specialist, provides expert commentary at @Information Security Buzz.
"..."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/experts-insight-on-iranian-hackers-posed-as-british-based-academic
Be part of our growing Information Security Expert Community (1000+), please register here.
Linkedin Message
@Emiel Haeghebaert, Analyst, provides expert commentary at @Information Security Buzz.
"..."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/experts-insight-on-iranian-hackers-posed-as-british-based-academic
Facebook Message
@Emiel Haeghebaert, Analyst, provides expert commentary at @Information Security Buzz.
"..."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/experts-insight-on-iranian-hackers-posed-as-british-based-academic