Science is reporting on a major economic-focused cyber campaign alleging Iran breached 320 universities, government, and other companies for the purpose of stealing research:
Nine Iranians working on behalf of the Islamic Revolutionary Guard Corps hacked the computers of 7998 professors at 320 universities around the world over the past 5 years, an indictment filed by a federal grand jury alleges. The hackers stole 31.5 terabytes of documents and data, including scientific research, journals, and dissertations, the indictment alleges. Their targets also included the United Nations, 30 U.S. companies, and five U.S. government agencies.
The “massive and brazen cyber assault” is “one of the largest state-sponsored hacking campaigns ever prosecuted by the Department of Justice,” U.S. Attorney Geoffrey Berman of the Southern District of New York, where the indictment was filed, said at a press conference this morning. The hacks came to light through investigations by the Federal Bureau of Investigation and reports from victims. “The hackers targeted innovations and intellectual property from our country’s greatest minds,” Berman said, adding that they went after data and research from many fields.
According to the indictment, 3768 of the hacked professors were at 144 U.S. universities, and the attackers stole data that cost these institutions about $3.4 billion to “procure and access.” The accused allegedly set up an institute in Iran called Mabna that coordinated and paid for the hacks. The defendants then sold the stolen data through two websites, Gigapaper and Megapaper. The institute, the indictment says, aimed to “assist Iranian universities, as well as scientific and research organizations, to obtain access to non-Iranian scientific resources.”
The indicted Iranians are not in the United States, and therefore this legal maneuver likely means very little. Although the indictment carries weight in countries where the US has extradition treaties, these Iranians are probably not in any jeopardy of being caught or having their lives ruined. So the indictment was largely a political move more than anything.
Iran has been in the news a few times lately, and it appears they are attempting to up their cyber operations. This is the first time I have heard Iran hacking for economic reasons rather than political or military oriented attacks.