This morning, the Department of Justice announced that nine Iranians have been indicted for an alleged hacking campaign affecting 320 universities around the world, 144 of which were US institutions. The individuals are believed to have been working for the Iranian government and have been accused of stealing research from the affected institutions. They've been indicted on seven federal crimes including computer fraud, wire fraud, conspiracy and identity theft.
The individuals are also accused of selling the information they stole from the universities. The campaign took place from 2013 to 2017 and targeted over 100,000 university professors around the world with phishing links. They are said to have breached more than 8,000 accounts and stole a whopping 31.5 terabytes of data. The DOJ says that the stolen data cost US universities $3.4 billion to access and maintain. Along with universities, at least 36 private US companies and 11 foreign-based companies were targeted as were government entities like the US Department of Labor, the United Nations and the Federal Energy Regulatory Commission. In some cases, the indicted individuals stole entire email mailboxes. A variety of different sectors were targeted, including law firms, tech companies, consulting firms, financial services, healthcare entities and biotech firms.
The nine individuals are believed to be in Iran currently and are said to have been working for an Iranian group called the Mabna Institute. According to the US Department of the Treasury, the Mabna Institute was founded in 2013 in order to aid Iranian universities and research organizations in obtaining scientific resources from other countries. The Mabna Institute is said to have been contracted but the Iranian government to conduct hacking campaigns. The institute and 10 individuals have been sanctioned by the Treasury Department.
In his statement today, Geoffrey Berman, a US attorney for the southern district of New York, said, "While the defendants remain at large, they are now fugitives from the American judicial system. These defendants are no longer free to travel outside of Iran without the fear of being arrested and extradited to the United States. They cannot leave Iran to conduct business. The only way the can see the rest of the world is through their computer screen, but now stripped of their greatest asset -- anonymity."
Due to the indictments, the named individuals will now risk arrest and extradition in over 100 countries and the sanctions will limit the business and financial transactions they can engage in. "Where we cannot apprehend individuals quickly, we will resort to different methods such as naming and shaming, sanctions and a lot of publicity," Deputy FBI Director David Bowdich said today. "We will keep at it because the FBI and our partners at the Department of Justice have a very long memory and the long arm of the law reaches worldwide."