Ira­nian hack­ers steal UK nu­clear re­search

Highly sen­si­tive Bri­tish in­for­ma­tion stolen as uni­ver­sity com­put­ers are breached in cy­ber at­tack

The Daily Telegraph - - News - By James Cook

MIL­LIONS of doc­u­ments, in­clud­ing sen­si­tive re­search on nu­clear power and cy­ber­se­cu­rity, have been stolen from top Bri­tish univer­si­ties by Ira­nian hack­ers, The Daily Tele­graph can re­veal.

Infiltration of the elite Bri­tish aca­demic in­sti­tu­tions, in­clud­ing Ox­ford and Cam­bridge, comes ahead of a new round of sanc­tions against Tehran due to be im­posed in Novem­ber.

Sev­eral Farsi lan­guage web­sites have the hacked pa­pers for sale, and of­fer to steal oth­ers on de­mand. While many are an­o­dyne, oth­ers are on top­ics in­clud­ing nu­clear de­vel­op­ment, and en­cryp­tion of com­puter files.

The hack, which pro­vides a back­door to Western re­search, risks spark­ing deep dis­plea­sure in Wash­ing­ton, as Don­ald Trump’s ad­min­is­tra­tion seeks to iso­late the regime in Tehran.

Last week, a State Depart­ment of­fi­cial warned com­pa­nies in Europe to com­ply with the new sanc­tions or face re­tal­i­a­tion from the US. Yet the se­cu­rity breach means Bri­tain’s top univer­si­ties are ef­fec­tively al­ready be­ing used to cir­cum­vent the block­ade, which bans the sale of aca­demic pa­pers to Iran.

Alis­tair Fen­emore, the chief in­for­ma­tion se­cu­rity of­fi­cer of Ed­in­burgh Uni­ver­sity, which is among those to have had re­search pa­pers stolen and sold on­line, con­firmed that hack­ers had tar­geted the uni­ver­sity, which is up­grad­ing its com­puter net­work.

Mr Fen­emore said that hack­ers had at­tempted to steal pass­words by set­ting up fake lo­gin pages to trick staff and stu­dents into dis­clos­ing their de­tails.

“Univer­si­ties should be wor­ry­ing about it,” said Dave Palmer, a for­mer MI5 and GCHQ of­fi­cer now at the cy­ber­se­cu­rity com­pany Dark­trace. “If you’re do­ing stuff like work­ing on the next hel­met-mounted dis­play for the fighter air­craft of the fu­ture, that is clearly of in­ter­est to ad­ver­sar­ial states.”

The hack comes six months af­ter the US Depart­ment of Jus­tice re­vealed that Ira­nian hack­ers were tar­get­ing univer­si­ties around the world.

To pur­chase the stolen pa­pers, some­times for as lit­tle as £2, cus­tomers in Iran send an en­crypted mes­sage to a phone num­ber us­ing What­sapp or Telegram. They are told to give the ti­tle of the pa­per they want, pay via a bank trans­fer and wait for a copy of the stolen pa­per to be sent by email.

Com­ments on the sites, writ­ten in Farsi, in­clude re­quests for pa­pers from aca­demic data­bases. One per­son sought a pa­per on man­ag­ing power plants “as soon as pos­si­ble”. An­other asked for the lat­est BMI Re­search re­port into busi­ness risk in Iran, which nor­mally sells for more than £900.

The Ira­nian hack comes as Bri­tain’s govern­ment-funded tech­nol­ogy con­sul­tancy for higher ed­u­ca­tion re­veals that univer­si­ties are blasé about the dan­gers posed by such hack­ing.

Of 114 UK univer­si­ties and col­leges sur­veyed by Jisc (for­merly the Joint In­for­ma­tion Sys­tems Com­mit­tee) only one said it was con­cerned about “na­tion state” at­tacks. Jens Mon­rad, from cy­ber­se­cu­rity com­pany Fire­eye, said: “They are not ad­dress­ing the threat land­scape they face re­al­is­ti­cally.”

A spokesman for the Na­tional Cy­ber Se­cu­rity Cen­tre (NCSC) said: “NCSC ex­perts work closely with the aca­demic sec­tor to pro­tect ed­u­ca­tion es­tab­lish­ments from cy­ber threats.”

Newspapers in English

Newspapers from UK

© PressReader. All rights reserved.