Skip to content

UBC, SFU allegedly hacked by Russian intelligence-backed internet pirates

Sci-Hub allegedly working with Russian military intelligence to steal research papers from 373 universities around the world, including 33 in Canada

UBC and SFU are among 33 Canadian universities targeted by an internet piracy operation working on behalf of Russian intelligence, according to a security intelligence firm that has tracked the organization for the past three years. 

The revelations come on the heels of reporting by the Washington Post that the U.S. Department of Justice (DOJ) has launched an investigation into Alexandra Elbakyan, a Kazakh-born computer programmer who started the hugely popular Sci-Hub database, which hosts a massive collection of pilfered research from a collection of the biggest universities around the world.

The DOJ did not confirm the existence of the investigation in time for publication. But Andrew Pitts, the co-founder of PSI Registry — an independent group out of England that advocates for legitimate access to scholarly content — told The Tri-City News PSI has tracked Sci-Hub’s activities for the past three years. Pitts said his organization has used sophisticated software to log and trace intrusions into 373 universities in 39 countries, including 33 in Canada. 

The Washington Post reported that a former U.S. intelligence official believes Elbakyan is working with the GRU, the same Russian military intelligence unit that stole emails from the Democratic National Committee in the lead-up to the 2016 U.S. election and leaked the documents to Wikileaks. 

Elbakyan, who denies working with Russian intelligence, started Sci-Hub in 2011 after she became frustrated with expensive barriers to access scientific material.  

“Journal paywalls are an example of something that works in the reverse direction, making communication less open and efficient,” she told publication Science in a 2016 profile.

Even then, people were already openly questioning whether Sci-Hub was “an awe-inspiring act of altruism or a massive criminal enterprise,” according to the article.

By stealing staff and student login credentials and breaking passwords, Pitts says Sci-Hub has potentially gained access to some of the most sensitive government and corporate-contracted research in the country. He said PSI has tracked nine attacks on UBC and a single attack on SFU.

Once Sci-Hub gains access to the passwords, Pitts said, the group has free rein to steal materials from highly sensitive research, which it then uploads to its database for distribution.

Despite the nine hacks registered by Pitt’s organization, a spokesperson for UBC was only able to confirm one instance in which a publisher notified the university it had fallen victim to a “non-permitted use” related to Sci-Hub. Since then, the spokesperson said UBC had taken steps to seal up any breaches. In SFU’s case, a spokesperson denied Sci-Hub had ever hacked the university.

PSI, which has been tracking Sci-Hub for three years, says it has tracked nine hacks against UBC and
PSI, which has been tracking Sci-Hub for three years, says it has tracked nine hacks against UBC and one against SFU. A spokesperson for UBC, however, was only able to confirm a single intrusion, while SFU denied Sci-Hub had hacked their networks. - The Tri-City News

In other parts of the world, Pitts said he has been able to document just how much material Sci-Hub has accessed.

The scale of the alleged theft is immense: In one seven-day attack on the University of Strasbourg in France, Pitts said his organization found Sci-Hub stole about 450,000 articles. Over seven years, the site has grown to more than 600 terabytes — that's 600,000 gigabytes — of information, nearly twice the size of Wikipedia with a fraction of the funding required to host such a volume of data.

“We know because you can track how many donations she’s getting. There's no way she’s getting this… This is not one young Kazakh researcher in her bedroom,” said Pitts, adding that he’s been able to trace Sci-Hub’s activity back to Russia, though was not able to independently confirm its links with Russian intelligence.

And while the service has been a boon to Sci-Hub supporters who benefit from free access to information, Pitts said the emphasis on illegal downloads is a smokescreen. Users access the database’s nearly 80 million articles through a Google Chrome extension, something Pitt said acts like a giant Trojan horse, attracting the best minds in the world and then tracking their browser history, usage and active time.

“[Russian intelligence] are using this to steal the research and intellectual property from our universities.

“It’s not about downloads. It’s about national security… It’s not about copyright infringement. It’s about state-sponsored espionage.”

Pitts points to the numerous military and corporate research contracts at Canadian institutions as the main reason a university like UBC or SFU would be targeted. 

The Tri-City News reached out to the Canadian Security and Intelligence Service and the RCMP for information about any ongoing investigations into Sci-Hub in Canada.

While a spokesperson for CSIS said the service would not comment on the specific case, citing its practice of not commenting on investigations, methodologies or activities so as not to compromise the integrity of any operations, he did point to comments made in December 2018 by the organization’s director David Vigneault at an Economic Club of Canada event in Toronto.

In the rare public appearance, Vigneault warned of the growing threat of cyber espionage, and how the “scale, speed, range and impact of foreign interference has grown as a result.”

“Many of these advanced technologies are dual-use in nature in that they could advance a country’s economic, security or military interests. In particular, CSIS has seen a trend of state-sponsored espionage in fields that are crucial to Canada’s ability to build and sustain a prosperous, knowledge-based economy,” he said, noting research in areas like artificial intelligence, quantum technology and 5G.

The RCMP did not respond to questions by The Tri-City News, citing its general policy to not confirm or comment on any ongoing investigation unless charges have been laid. 

"...this is an absolute goldmine for Russian intelligence."

Other countries are taking note of Sci-Hub’s operations. Pitts said he is involved in investigations independent of the U.S. DOJ but declined to comment beyond noting that Sci-Hub was already on the European Commissions piracy watch list. It’s time universities — including Canadian research institutions — pay attention, he said.

The first step universities should take is to block Sci-Hub using his group's free IP registry tool; the second: University administrations need to shut the door on Sci-Hub and tell their students and staff to stop using the service. 

“It’s the world's best universities, yours included, so this is an absolute goldmine for Russian intelligence. You got the smartest people in the world working on very, very sensitive research projects, and they were able to get in because they're able to phish, hack, password-break credentials,” said Pitts.

“These universities have to now, with all of this evidence, take this issue much more seriously.”