New details about the Iranian attacks on universities throughout Europe and North America were released over the weekend. In an announcement from the University of Oregon new details emerged about what data specifically was targeted by the Iranian government. The University did state that at this time no University data was stolen and that it appears that the attackers were looking to access academic journals. The attacker, in the attacks on University of Oregon, targeted login credentials utilized by university faculty to access various academic journals. The stolen credentials were later sold to customers and public universities in Iran. According to the FBI’s investigation 31.5 terabytes of academic data and intellectual property was stolen in total. The credentials stolen from University of Oregon faculty were obtained through a sophisticated spear-phishing campaign. As more universities continue their own internal investigations in concert with the FBI’s investigation it is possible that the financial damage done to educational institutes with continue to grow beyond the current estimate of $3.4 billion.
Written by: Nataliia Zdrok, Threat Intelligence Analyst at Binary Defense Russia’s invasion of Ukraine increased