February 15, 2020
Dutch broadcaster NOS on Friday reported that government-backed Iranian hackers have targeted three Dutch universities and another academic body in the past few months.
The report is based on the findings of a multinational consultancy firm called PricewaterhouseCoopers (PwC).
According to NL Times, Gerwin Naber, head of digital research at PwC, said the Iranian government wanted to provide knowledge to Iranian students by hacking these academic bodies because “due to sanctions, it is not always readily available”.
The consultancy firm also found out that Iranian hackers had also targeted academic bodies in the rest of Europe, the United States and Australia.
The attackers of the Dutch universities stole student login details and posted them on an Iranian forum. Iranian students can use these details to log into digital libraries that would otherwise be closed to them, the NL Times report said.
“Teaching material may be relatively harmless, but potentially more sensitive material may have also been stolen,” Naber said to NOS. It is difficult to say exactly what has been was stolen, but so far there is no evidence that Dutch universities lost more than teaching material and student login details.
In 2018 Certfa, a cybersecurity research lab, reported that Iranian state-backed hackers had carried out phishing attacks against U.S. officials as well as civil and human rights activists and journalists around the world.
The group also targeted the staff of the United Nation’s National Security Council and former Obama officials who were involved in nuclear negotiations with Iran. Thirteen U.S. Treasury officials, including the director of the Financial Crimes Enforcement Network which tracks terror financing, were also among the targets by the hacker group calling itself Charming Kittens.
In March 2018, the U.S. Department of Justice issued indictments for nine Iranians for conducting a “massive cyber theft campaign” for the IRGC.
Two other indictments were issued in the case of Iranians involved in ransomware schemes in November 2018. The schemes targeted computer systems at hospitals in the United States.
A bulletin of the National Terrorism Advisory System dated January 4 said Iran maintains a robust cyber program and can execute cyberattacks against the United States. On January 5, the United States issued an alert warning of potential Iranian cyberattacks.
According to NL Times the Iranian embassy in The Hague did not comment to the broadcaster on PwC’s findings, but did reiterate that the American charges of two years ago, which Iran has always denied, were “false”.