The Iranian attacks used social engineering techniques to trick professors into revealing their passwords. In this video, Mike Chapple explores the way these attacks worked.
(ominous music)…- [Instructor] Now, let's go inside the breach.…(ominous music)…The Iranian attack against American university professors…demonstrated a strong understanding of…the nature of academic work…and the psychology of faculty members.…The academic culture promotes the publication…of research and rewards work that is respected by…a professor's peers at other institutions.…
Recognizing this, the Mabna Institute attackers…carefully researched their targets.…They studied the work of individual professors,…learning about their research interests and publications.…The attackers then used this information…to design email messages that specifically…targeted individual professors.…We don't have the text of those emails,…but here's an example of the types of information…that they included.…The email addressed a specific professor…and used flattery when referring to…a paper the professor had published.…
They then included an offer of collaboration,…and a link to an interesting resource.…This was a spear-phishing attack designed…
Author
Updated
6/10/2019Released
10/8/2018Skill Level Intermediate
Duration
Views
Related Courses
-
Insights from a Cybersecurity Professional
with Mike Chapple32m 15s Intermediate -
IT Security: Key Policies and Resources
with Gregory Michaelidis23m 44s Intermediate
-
Introduction
-
The 2017 Equifax Breach
-
The Equifax breach2m 41s
-
Inside the Equifax breach3m 22s
-
Lesson 2: Move quickly!2m 36s
-
-
The 2013 Target Breach
-
The Target breach2m 43s
-
Inside the Target breach4m 55s
-
Lesson 1: Vendor management4m 21s
-
Lesson 3: Log monitoring5m 6s
-
-
The 2006 VA Laptop Theft
-
Inside the VA breach5m 42s
-
Lesson 3: Security policy4m 42s
-
Aftermath of the VA breach2m 45s
-
The 2018 Atlanta Ransomware Breach
-
The 2005 TJX Breach
-
The TJX breach2m 8s
-
Inside the TJX breach4m 3s
-
Aftermath of the TJX breach2m 27s
-
-
The 2013 Bowman Dam Breach
-
The Bowman Dam breach3m 12s
-
Inside the Bowman Dam breach5m 51s
-
-
The State-Sponsored University Breach
-
Lesson 3: Social engineering6m 19s
-
The Maersk Breach
-
The Maersk breach2m 43s
-
Inside the Maersk breach3m 37s
-
Lesson 3: Test backups4m 8s
-
After the Maersk breach2m 38s
-
-
The Sony Breach
-
The Sony breach3m 24s
-
Inside the Sony breach2m 42s
-
Lesson 1: Defense in depth2m 11s
-
Lesson 2: Offense is risky2m 23s
-
Lesson 3: Authentication2m 13s
-
After the Sony breach3m 24s
-
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
This will not affect your course history, your reports, or your certificates of completion for this course.
CancelTake notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.
Share this video
Embed this video
Video: Inside the state-sponsored university breach