Hackers target UK cybersecurity universities

University library
(Image credit: Image Credit: Andrew_t8 / Pixabay)

Iranian cybercriminals attempted to hack into UK universities offering government-certified cybersecurity courses, new research has claimed.

The group behind the attacks targeted at least 18 British universities over a period of several months, according to researchers. The list of targets includes some high-profile institutions as well as some lesser known universities certified by the National Cyber Security Centre (NCSC) to provide degrees in cybersecurity.

At this time though, it is not known as to whether the universities in question were singled out because of their affiliation with the NCSC but half of the targets on the list were NCSC-certified. 

The attacks are believed to be linked to a previous campaign in which dozens of universities were hacked and their research was published on two Iranian websites.

Phishing for university credentials

Students with UK university logins were sent phishing emails by the attackers to trick them into giving up their passwords.

According to Lancaster University, a small number of recipients fell for the attack and entered the credentials. Luckily though the University reset their passwords and investigated whether any sensitive data had been obtained.

The hackers even created fake websites which appeared quite similar to the sites of the universities they targeted. A fake site for Lancaster University was set up in May while one for Warwick University was created in June.

Those responsible for the attacks also took advantage of the Internet's “green padlock” system to try to fool victims into entering their credentials by using padlock certificates obtained from the US company Let's Encrypt.

Via Forbes

Anthony Spadafora

After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home.