Hackers are bombarding Australian universities to rob them of valuable research, in a serious threat to national security.
The New Daily can reveal thousands of staff and student accounts at prominent universities were potentially compromised in a cyber attack in August.
The attack, believed to be undertaken by Iranian hackers, targeted seven universities in every state except for the Northern Territory and Tasmania.
The hackers were attempting to gain access to research, such as academic journals, dissertations and ebooks.
Deakin University’s Cyber Security Research Institute Professor Matt Warren said hackers targeting university research posed a threat to the nation.
“They’re looking for research that can give them an advantage from an economic and defence perspective,” he told The New Daily.
“Iran currently has a number of economic sanctions against them, so anything that can help them would be very beneficial.”
More attacks are imminent, Professor Warren warned.
“Hackers want to harvest sensitive information and they will stop at nothing.”
Earlier this year, 26 Australian universities including Australian National University, Queensland University of Technology and Monash University fell victim to a similar cyber attack when they were targeted by the Iranian government-affiliated Mabna Institute.
A Monash University spokesperson told The New Daily the university had robust and sophisticated systems to detect, protect and defend against cyber attacks.
“Monash has implemented numerous layers of defence, including specialist staff, ongoing cybersecurity awareness programs and best-of-breed technology and approaches.”
Behind the latest cyber attacks
While it could not be revealed which universities were targeted in the latest attacks as an investigation was under way, SecureWorks senior security researcher Alex Tilley told The New Daily the IT firm believed the attacks were conducted similar to those of Iranian hacking group Cobalt Dickens.
Sixteen domains were found to have contained more than 300 spoofing websites (a technique used to gain unauthorised access) and fake log-in pages for 76 universities in 14 countries.
The hackers attempted to lure students and staff by sending an email with a fake log-in page.
Once victims enter their credentials into this link, they are redirected to a legitimate website where they are automatically logged into a valid session or asked to enter their credentials again.
Several of the domains referenced the targeted universities’ online library systems, which indicates the attackers were intent on gaining access to these resources.
Mr Tilley said it was extremely concerning that hackers were targeting universities.
“It looks like they have figured out that there is value in data and research,” he said.
“They’re stealing for their own aims and the risk is that all that work that researchers have been working so hard on goes out the door and someone else can advance their own program or sell that research.”
Research into subjects such as national security was included in library databases, he said.
“The fact that that state-based hackers are going after Australian research data … that’s interesting and quite scary.”
‘I was in shock’: Academic’s hacking experience
An Australian university academic, who asked not to be named, told The New Daily he had the shock of his life when he realised he and several other staff members had fallen victim to a sophisticated cyber attack last year.
“I was in shock because I logged into my university emails and saw that all of my emails had been deleted.
“When I contacted IT support at the university, they said they were aware of several other staff members being targeted.
“When the hacker got wind of me contacting IT, they then emailed me and said it was useless.”
The academic said his account and emails were restored after almost three days.
“It was a frightening experience and since then I’ve definitely been more careful and use two-factor authentication on my online accounts.”
Australian National University and Queensland University of Technology were contacted for comment.