Sophisticated Iranian hack of university accounts offers lessons | News | Notre Dame News | University of Notre Dame Skip To Content Skip To Navigation Skip To Search University of Notre Dame Notre Dame News Experts ND in the News Subscribe About Us Home Contact Search Menu Home › News › Sophisticated Iranian hack of university accounts offers lessons Sophisticated Iranian hack of university accounts offers lessons Published: April 04, 2018 Author: Shannon Roddel Mike Chapple The U.S. Justice Department on March 23 (Friday) charged nine Iranians in one of the largest state-sponsored hacks ever prosecuted — an attack to steal electronic data from universities, private corporations and U.S. government entities.   The hacking, which began around five years ago, does not appear to have targeted the University of Notre Dame, but pilfered academic data and intellectual property from 144 U.S. universities and 176 universities in 21 other countries. Mike Chapple, associate teaching professor of IT, analytics and operations in Notre Dame’s Mendoza College of Business, says the hacking was sophisticated, clever and carefully designed to appeal to specific professors.   “The attackers did their homework, researching the academic backgrounds of individual professors and sending them forged email messages designed to appear as if they were from colleagues in the same field of study at other institutions,” says Chapple, who previously served as senior director for IT service delivery in Notre Dame’s Office of Information Technologies. “If the targeted professor clicked the link, they landed at a fake webpage designed to look like their university’s login page. If they logged into the fake site, the Iranians learned their username and password and used it to gain access to the professor’s account.”   Chapple says the attacks were highly successful because they preyed upon the vanity of each targeted professor. He gives the following fictitious example of the types of phishing emails received by professors:   Dear Professor Nieuwland,   I read with great interest your recent paper published in the Journal of Obscure Studies. Your in-depth analysis of the protein consumption habits of male rodents on Asok Island fills a long-neglected gap in our field.   I thought that you might be interested in reading a study that I recently published in the Journal of Indonesian Mammals looking at a similar population on nearby Pandan Island. I will be returning there later this year to conduct a follow-up study and would be interested in collaborating on future work if you are interested.   Here is a link to the article: http://www.indonesianmammals.org/feb2018/pandan.html   I look forward to hearing from you.   Sincerely, Edward Irish Professor of Biological Sciences Another University     “What faculty member wouldn’t be flattered to receive an email like this from a colleague clearly interested in our research and extending an offer of future collaboration?” Chapple asks. “Most of us would immediately click the link and skim the paper to get a sense of the related work. If the first thing that we saw after clicking the link was our university’s login page, we’d likely grunt in frustration, tap out our username and password, and rush to read the article.”   These messages, however, originated not from an interested colleague, but from the Mabna Institute, an Iranian government-linked company charged with assisting Iranian universities and scientific/research organizations in gaining access to foreign scientific information.   While it might seem strange that Iranian hackers were targeting academics, Chapple says, they had two main goals.    “You have to remember that university research, particularly in science and engineering, is of great interest to foreign governments,” he says. “They allegedly stole the intellectual property, then resold the accounts through Iranian websites, so that individuals could gain access to the library and computing resources of major universities.    “One of the main reasons these attacks were successful is that professors don’t see themselves as likely targets of attackers. We generally don’t handle very sensitive information or have access to financial resources. Our accounts do, however, unlock the doors to the tremendous technology and research capabilities of our universities.”    The U.S. government alleges that Mabna stole 31.5 terabytes of “academic data and intellectual property” from victim universities. Chapple says a scientific paper loaded with figures might run about three megabytes, meaning the amount of information stolen was the size of about 10 million scientific papers.   The lesson, Chapple says, is that we are the targets of cyberattacks by serious and talented adversaries with the financial backing of foreign governments and need to take the security of our accounts seriously.   “Fortunately, there’s a simple solution to this problem that goes beyond hackneyed warnings to faculty and staff that they should be more careful and avoid responding to suspicious emails. Multifactor authentication technology stops password phishing attacks in their tracks by adding a second step to the login process. After providing a username and password, users receive a message on their phone asking them to approve the login before being granted access. This is often as simple as clicking OK, but the second or two spent completing this extra step prevents someone who stole your password, but not your phone, from accessing your account.”   Notre Dame has adopted this technology for all faculty, staff and students, as have many other schools, including Harvard, University of California, Berkeley and Indiana University.   “When schools roll out multifactor authentication, they typically see an immediate and dramatic plunge in successful account thefts to a near-zero rate,” Chapple says. “At the same time, they’re often surprised to see how quickly faculty and staff adapt to the new approach.”   Contact: Mike Chapple, 574-631-5863, mchapple@nd.edu Posted In: University News Home Experts ND in the News Subscribe About Us Related October 03, 2022 Congresswoman Liz Cheney to speak at Notre Dame on the future of democracy September 22, 2022 In memoriam: Rev. Richard Warner, C.S.C., longtime leader for Notre Dame, Congregation of Holy Cross September 22, 2022 ND Forum keynote event to feature Emmy Award-winning actors in Theater of War Productions’ presentation of ‘The Suppliants’ in Notre Dame Stadium September 21, 2022 In annual address to faculty, Father Jenkins outlines campus-wide vision for elevating excellence September 15, 2022 Lilly Endowment Inc. grant helps to expand Notre Dame pre-college programs for Hoosier high school students For the Media Contact Office of Public Affairs and Communications Notre Dame News 500 Grace Hall Notre Dame, IN 46556 USA Facebook Twitter Instagram YouTube Pinterest © 2022 University of Notre Dame Search Mobile App News Events Visit Accessibility Facebook Twitter Instagram YouTube LinkedIn