DOJ Indicts Nine Iranians for "Massive" Hacking Attack against US Universities
- Author: Rogelio Becker, Mar 25, 2018, 0:33
He said the case "will disrupt the defendants' hacking operations and deter similar crimes".
The nine men are accused of working for the Mabna Institute, an Iran-based company, which was acting under the direction of Iran's Revolutionary Guard, according to the court papers.
No group claimed responsibility for the attack targeting Iranian newspapers.
Geoffrey Berman, U.S. attorney for the Southern District of New York, said that the attacks constituted "one of the largest state-sponsored hacking campaigns ever prosecuted by the Department of Justice". "Perhaps the professors who got hacked were more selectively targeted than the sheer number of academics targeted - 100,000 got phished, with nearly 8,000 responding - suggests".
Prosecutors add that at least five U.S. government agencies, 36 private sector companies and two nongovernmental organizations were also targeted.
"Americans are pushing for harder policies towards the Islamic Republic of Iran and we need to strengthen our view towards the East, especially China and Russia", Alaeddin Boroujerdi, head of parliament's National Security and Foreign Policy Committee, told ISNA news agency. Trump himself has repeatedly cast doubt on the nuclear deal, in which the USA and other world powers eased sanctions in exchange for Tehran putting limits on its nuclear program.
The National Cyber Security Centre assessed with "high confidence" that the Mabna Institute was "almost certainly responsible" for the campaign targeting universities in the UK, US and other Western nations.
The sanctions and charges were the fourth time in the past few months that the Trump administration has blamed a foreign government for major cyber attacks, a practice that was relatively rare under the Obama administration.
Iran has criticized new US sanctions against 10 of its citizens and an Iranian company over their alleged involvement in a state-sponsored large-scale hacking and intellectual property theft scheme.
For years, the United States engaged in an uneasy and destructive cyberwar with Iran, in which hacking played a central role for both sides, and which included both the Stuxnet worm that is thought responsible for the destruction of Iranian nuclear centrifuges and the Iranians' penetration of the control system for the Bowman dam in New York.
"They hacked the computer systems of approximately 320 universities in 22 countries".
The affected professors and universities were not identified. A click on the link took the victim to a fake internet domain that resembled their own university's website and asked them to log in. Foreign office minister for cyber Lord Ahmad of Wimbledon said the hackers sought to steal intellectual property "to make money and gain technological advantage at our expense".
Officials say the hack was ordered by the Iranian Revolutionary Guard Corps, a branch of the country's military.
More than 100,000 professors worldwide were targeted with spear-phishing emails, making the hacking scheme one of the largest state-sponsored cybercrime cases ever charged by the Justice Department, the Wall Street Journal reported.
Those companies include three academic publishers, two media and entertainment companies, one law firm, 11 technology firms, five consulting firms, four marketing firms, two banking and investment firms, two online auto sales companies, one healthcare company, one employee benefit company, one industrial machinery company, one biotechnology company and one stock images company.
Using that technique, hackers first collect lists of names and email accounts from the intended target. Once inside, the hackers would steal entire email mailboxes. Sometimes known as "Skote Vahshat", Mr Mesri was charged in 2017 with hacking cable TV network HBO to leak unaired episodes of the fantasy drama Game of Thrones.
Jake Williams, a cybersecurity expert and Army veteran, spoke out against the moves on Twitter, saying the US itself may be crossing a line by charging private contractors that work on behalf of their governments.
The indictment was the latest effort in a years-long strategy by the United States to name hackers it believes are working for foreign governments.