Expert Advice To Protect Universities In This New Year Against Latest Iranian Hackers

Yesterday, the Malwarebytes research team published their findings of the threat actor “Silent Librarian,” a group of Iranian hackers with a history of attacking academic institutions that have come back to life to launch a new series of phishing campaigns.  The new attacks were timed to coincide with the start of the new academic years when both students and university staff were expected to be active on university portals. The attacks consisted of emails sent to victims with links to a website posing as the university portal or an associated app, such as the university library. The websites were hosted on sites with lookalike domains, but in reality, collected the victim’s login credentials.


EXPERTS COMMENTS
Jamie Boote, Security Consultant ,  Synopsys
October 15, 2020
Contracts initiated now likely won’t land in time for the school year to begin.
Remote learning is very much like work from home scenarios that organisations have been forced to transition to in recent months. Many classes are being operated via SaaS cloud solutions that students must sign into via SSO. Due to this, third-party cloud management best practices and SSO security considerations are paramount. Infrastructure concerns are a major element in this conversation, as we ....
[Read More >>]
James McQuiggan, Security Awareness Advocate,  KnowBe4
October 15, 2020
and students alike to understand how to spot a phishing email, realise what a fake link looks like
One of the common tactics used by nation-state threat actors or cybercriminals for phishing attacks is to use a similar website address of the target. In this case, it was the university’s research systems. Unfortunately, students do not receive security awareness training as part of their education. Like corporate organisations, educational institutions must provide security awareness training ....
[Read More >>]
Tim Mackey, Principal Security Strategist,  Synopsys CyRC
October 15, 2020
They have to figure it out themselves for the most part.
I was involved in some of the remote learning planning for my school system, so I can provide some perspective. One critical element in the tech selection process is the teacher. Something as simple as a teacher distributing a PDF to students became an issue because while they’re easy to edit on a Mac and a PC, it’s not possible to edit on an iPad (which may be the only resource for some stude ....
[Read More >>]
Samantha Isabelle Beaumont, Senior Security Consultant ,  Synopsys
October 15, 2020
We must ensure that the technology provided to students is actually accessible.
We must ensure that the technology provided to students is actually accessible. Many applications require a strong internet connection to access. If a student lives in a rural setting with poor network or satellite connection then learning solutions suffer from VPN requirements or latency—and we must also take into account those with no access to an internet connection or device from which to wo ....
[Read More >>]
Sammy Migues, Principal Scientist ,  Synopsys
October 15, 2020
Spear phishing will likely increase as distance learning becomes more long-term.
Spear phishing will likely increase as distance learning becomes more long-term. Attackers and fraudsters will likely target students with extremely realistic emails for credentials and possibly financial information. Schools and universities need to be prepared for this by educating students on the threats. Schools should consider having an email address in which students can forward suspicious ....
[Read More >>]
Chad Anderson, Research Engineer ,  DomainTools
October 15, 2020
Security worst best when it focuses on prevention, rather than reaction.
This resurgence in phishing emails around the start of term further shows how well cybercriminals study their targets and plan their campaigns according to the world around them, utilising social engineering techniques that increase their chance of success. These universities don't need reminding that cybersecurity awareness programmes need to run regularly to minimise the risk of these attacks b ....
[Read More >>]
Paul (PJ) Norris, Senior Systems Engineer,  Tripwire
October 15, 2020
Organizations should put in place technical controls to prevent and detect successful attacks as well.
Universities are fruitful targets for cyber attackers and malicious actors. Intellectual property theft motivates many of the targeted attacks such as spear phishing academic staff. However, universities have large collections of personally identifiable information for their faculty, staff, and students, and this provides significant motivation for attackers. Employee education is the first line ....
[Read More >>]
Niamh Muldoon, Senior Director of Trust and Security EMEA,  OneLogin
October 15, 2020
New students are especially vulnerable as they enter university for the first time and learn about university life.
During the start of an academic year, students and professors alike are often caught in the chaos of a new year. Distractions are plentiful as people reconnect from over the break, and individuals navigate new schedules. Information floods in, typically by email, and unfortunately, recipients are often ill-prepared to determine an authentic email from a malicious one. New students are especially v ....
[Read More >>]

If you are an expert on this topic:

Submit Your Expert Comments


In this article