Cyber Security Education: Iranian hackers posed as academics at London’s School of Oriental and African Studies to conduct an online espionage campaign targeting experts on the Middle East. The hacking attempt was carried out by a group called itself ‘Charming Kitten’ and are widely thought to be operating behalf of Iran’s shadowy Revolutionary Guard.
Iran — alongside Russia, China and North Korea — is one of the most potent cyber aggressors facing the UK.
Lindy Cameron, chief executive of the National Cyber Security Centre (NCSC), a branch of signals intelligence agency GCHQ, warned last month that Iran was using digital technology to “sabotage and steal” from a range of British organisations.
The NCSC has previously highlighted Iran’s particular interest in online espionage aimed at UK academics.
The most recent operation involved hackers sending out spoof emails purporting to be from a real academic at the school, inviting recipients to take part in conferences and events.
Once a rapport had been established, the recipients, who were experts in Middle Eastern affairs from think-tanks, academia and journalism, were directed to a dummy web page that hackers had inserted into the site of the school’s radio, SoAS Radio, an independent online broadcaster based at the university.
On this page, the espionage targets were invited to “register” for events by providing personal details, including a password, which were seized by the hackers and used to access other sites, such as the individuals’ email accounts.
It’s estimated 10 individuals were targeted, most of whom were based in the US and the UK.
The campaign began as far back as January this year, and a few months later the hackers started sending emails claiming to be from a second SOAS academic.
A spokesperson from SOAS said the hackers had not breached the university’s cyber security education protocols.
The spokesperson said: “Once we became aware of the dummy site earlier this year, we immediately remedied and reported the breach in the normal way.”
The NCSC, which advises on the UK’s cyber defences, said it was “aware” of this campaign and that it was working “closely” with the academic sector to help improve cyber resilience. “Universities handle valuable data which can make them a lucrative target for malicious cyber actors, including hostile states and cyber criminals,” it said.