The Department of Justice charged nine Iranians on Friday in a massive hacking conspiracy that targeted hundreds of American universities and government agencies.
The cyber attack amounted to “one of the largest state-sponsored hacking campaigns ever prosecuted by the Department of Justice,” according to Geoffrey Herman, U.S. Attorney for the Southern District.
Targeted entities included 144 American universities and an additional 176 universities across 21 foreign countries. The hack also affected 47 private sector companies, government agencies such as the U.S. Department of Labor and the Federal Regulatory Commission, and the state of Hawaii and Indiana, as well as the United Nations, reports Wired.
The cyber attacks, which began in at least 2013, stole more than 31 terabytes of information, totaling more than $3 billion in intellectual property.
The U.S. Treasury Department says sanctions will be placed on the nine individuals and Tehran-based Mabna Institute, a company prosecutors describe as a business designed to help Iranian research organizations steal information.
The hackers have been charged with criminal conduct waged primarily through the Mabna Institute on behalf of the Islamic Revolutionary Guard Corps, an elite military force assigned to defend Iran’s Shi’ite theocracy.
Iranian Hackers Targeted Professors’ Email Accounts, Sold Data to Iranian Universities
The hackers targeted the email accounts of more than 100,000 professors worldwide, half in the U.S., and compromised about 8,000, according to Reuters.
The indictment filed in U.S. District Court in New York says the hackers sent “spearphishing” emails tailored to the academic interests of university professors after conducting extensive background research on them.
The emails claimed to be from professors at another university and indicated the sender had read an article written by the recipient. They also contained links, supposedly to related articles, that directed them to a malicious internet domain that looked similar to the victims’ actual university portal. Once there, they were prompted to enter their login credentials to proceed.
Once the hackers gained access to the accounts, they stole academic data and intellectual property related to science and technology, engineering, social sciences and medicine, according to the indictment.
The stolen data was then sold to Iranian universities through websites Megapaper and Gigapaper.
Hackers Face Extradition; Iran Spokesman Condemns Charges
U.S. Deputy Attorney General Rod Rosenstein says the hackers are considered fugitives who may face extradition to the U.S. in more than 100 countries if they travel outside of Iran. Those sanctioned will also have American assets frozen.
Authorities “will aggressively investigate and prosecute hostile actors who attempt to profit from America’s ideas by infiltrating our computer systems and stealing intellectual property,” Rosenstein said at a news conference.
Britain’s National Cyber Security Centre said on Twitter the Mabna Institute was “almost certainly responsible for cyber attacks targeting universities around the world.”
On Friday, the Department of Justice also privately warned major internet infrastructure firms to expect attacks from Iran, according to an executive at one company.
Officials predict retaliation will include denial of service attacks websites, which are not destructive but disrupt commerce and communication.
Iran’s foreign ministry spokesman Bahram Qasemi condemned the charges as “provocative, illegitimate, and without any justifiable reason and another sign of the hostility of the (U.S.) ruling circles toward the Iranian nation.”
The post 9 Iranian Hackers Charged in Cyber Attacks on Colleges, Gov’t Agencies appeared first on Campus Safety Magazine.