The U.S. Department of Justice announced indictments against nine Iranians and the company they worked for, accusing them of stealing data valued in the billions of dollars from professors and others.
The Iranians were part of a huge scheme to steal valuable research and intellectual property from U.S. and foreign universities. In addition to the indictments, the Justice Department recommended sanctioning the individuals and the company, the Mabna Institute.
The U.S. directly connected the hacking operation to the Iranian government, saying the hackers were working for the Revolutionary Guards.
“(W)e have unmasked criminals who normally work in total anonymity, hiding behind the ones and zeros of computer code,” said Manhattan US Attorney Geoffrey Berman, who called it a “massive and brazen cyberassault.”
The move from the Justice Department and Treasury follows other US efforts to indict foreign government-linked cyberattackers, including special counsel Robert Mueller’s indictment of Russian operatives for meddling in the 2016 US election, and the Obama administration’s indictment of Chinese military members for the government-sponsored hacking of US companies.
It also comes at a time of tension with Iran, long an adversary of the US. As President Donald Trump reshuffles his national security and diplomacy team, including firing Secretary of State Rex Tillerson and national security adviser H.R. McMaster, experts speculate Trump may be laying the groundwork to pull out of the Iran nuclear deal that the Obama administration negotiated, though Iran’s cyber efforts were not part of that deal.
Officials also stressed that the hacking was conducted at the behest of the Iranian government, and Mabna Institute functioned as a contractor for the Revolutionary Guard. Sigal Mandelker, Treasury’s undersecretary for terrorism and financial intelligence, stressed that the elite military wing has been a primary actor behind Iran’s sponsorship and encouragement of terrorism.
“The IRGC plays a central role in Iran’s maligned activities across the world, including fomenting terrorism,” Mandelker said.
It appears that the Iranians were able to access the information with ease:
The indictment alleges the Mabna Institute targeted more than 100,000 professors worldwide and succeeded in compromising 8,000 of them, spread across 144 US-based universities and 176 foreign universities. In their crosshairs were various types of intellectual property, including academic journals, dissertations and electronic books.
To break into the accounts, the sophisticated campaign started by studying each target in a reconnaissance phase, then using that information to send specialized emails to the targets that appeared to come from other university professors expressing interest in a recently published work, with links to other research that were actually links to malicious websites that would mimic the professor’s login page and steal his or her login information and use it to access their accounts.
Some of the brainiest people on the planet fell for a rudimentary hacking trick.
The facts are grim. Virtually all computers and phones in the U.S. are at risk of hacking. Our personal information is routinely stolen from companies that we do business with or have accounts with. Almost everyone connected to the internet has probably been penetrated, their computers infected with malware and spyware.
Few are treating this problem as the crisis it is. And one reason we’re not better protected is the cost. It is enormously expensive to protect vulnerable networks and, even then, there’s no guarantee that we’re safe.
Will it take a catastrophic hack of a nuclear power plant or some other disaster for the government and industry to wake up and accept the challenge of bad actors who hack away at our networks?