Charming Kittens target Higher Education

Cyber Security Education

Cyber Security Education: Iranian hackers posed as academics at London’s School of Oriental and African Studies to conduct an online espionage campaign targeting experts on the Middle East. The hacking attempt was carried out by a group called itself ‘Charming Kitten’ and are widely thought to be operating behalf of Iran’s shadowy Revolutionary Guard.

Iran — alongside Russia, China and North Korea — is one of the most potent cyber aggressors facing the UK.

Lindy Cameron, chief executive of the National Cyber Security Centre (NCSC), a branch of signals intelligence agency GCHQ, warned last month that Iran was using digital technology to “sabotage and steal” from a range of British organisations.

The NCSC has previously highlighted Iran’s particular interest in online espionage aimed at UK academics.

The most recent operation involved hackers sending out spoof emails purporting to be from a real academic at the school, inviting recipients to take part in conferences and events.

Once a rapport had been established, the recipients, who were experts in Middle Eastern affairs from think-tanks, academia and journalism, were directed to a dummy web page that hackers had inserted into the site of the school’s radio, SoAS Radio, an independent online broadcaster based at the university.

On this page, the espionage targets were invited to “register” for events by providing personal details, including a password, which were seized by the hackers and used to access other sites, such as the individuals’ email accounts.

It’s estimated 10 individuals were targeted, most of whom were based in the US and the UK.

The campaign began as far back as January this year, and a few months later the hackers started sending emails claiming to be from a second SOAS academic.

A spokesperson from SOAS said the hackers had not breached the university’s cyber security education protocols.

The spokesperson said: “Once we became aware of the dummy site earlier this year, we immediately remedied and reported the breach in the normal way.”

The NCSC, which advises on the UK’s cyber defences, said it was “aware” of this campaign and that it was working “closely” with the academic sector to help improve cyber resilience. “Universities handle valuable data which can make them a lucrative target for malicious cyber actors, including hostile states and cyber criminals,” it said.

With over 20 years of experience, Serviceteam IT design and deliver sophisticated connectivity, communication, continuity, and cloud services, for organisations that need to stay connected 24/7. We take the time to fully understand your current challenges, and provide a solution that gives you a clear understanding of what you are purchasing and the benefits it will bring you.

To find out how we can help you, call us on 0121 468 0101, use the Contact Us form, or why not drop in and visit us at 49 Frederick Road, Edgbaston, Birmingham, B15 1HN.

We’d love to hear from you!

/0 Comments/by
You might also like
Serviceteam IT Security News Registration now open for UK Public Sector DNS service
Serviceteam IT Security News Introduction to logging for security purposes
Serviceteam IT Security News Produce clean & maintainable code
Serviceteam IT Security News Small Business Guide: Video Collection
Serviceteam IT Security News Ever wondered how a cyber crime gang operates?
Serviceteam IT Security News Introduction to the NIS Directive
0 replies

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply