The US Department of Justice (DOJ) today unveiled an indictment in the Southern District of New York accusing nine Iranians of conspiring to hack into universities and businesses to steal intellectual property and academic data.
Deputy Attorney General Rod Rosenstein speaks to the media on Friday, 16 February 2018, in Washington. Photo: AP
The Iranians, allegedly working on behalf of the Iran’s Islamic Revolutionary Guard Corps, are said have to targeted, among other entities, professors at 320 universities worldwide (144 of which are American), 47 domestic and foreign private companies, the US Department of Labor, the US Federal Energy Regulatory Commission, and the United Nations.
The Iranians worked for an company known as the Mabna Institute, which two of them founded, Deputy Attorney General Rod Rosenstein said at press conference today. The state purpose of the company is to help Iranian universities access scientific research, he said.
“From 2013 to 2017, the defendants targeted more than 100,000 accounts of university professors around the world,” said Geoffrey Berman, US attorney for the Southern District of New York. “And by tricking professors to click on false links, compromised 8000 accounts.” Once the defendants gained access to the accounts, he said, they stole “massive amounts of academic data and intellectual property”.
“The universities combined had to pay $3.14 billion [$AU4.1 billion] to access this information. The defendants got it for free,” Berman said.
#Breaking: Nine Iranians charged with conducting massive cyber theft campaign on behalf of the Islamic Revolutionary Guard Corpshttps://t.co/DIRv5LT7E6 pic.twitter.com/EdizPpd3Rk
— FBI New York (@NewYorkFBI) March 23, 2018
The defendants, presumed innocent until found guilty in a US court, are all citizens or residents of Iran. They were identified as Gholamreza Rafatnejad, 38; Ehsan Mohammadi, 37; Abdollah Karima, 39; Mostafa Sadeghi, 28; Seyed Ali Mirkarimi; 34; Mohammed Reza Sabahi; 26; Roozbeh Sabahi; 24; Abuzar Gohari Moqadam, 37; and Sajjad Tahmasebi, 30.
The charges are listed as conspiracy to commit computer intrusions, wire fraud, aggravated identity theft, and unauthorised access of a computer. They carry a maximum sentence of four decades in prison.
In addition to the charges, the Department of the Treasury’s Office of Foreign Assets Control (OFAC) has slated for sanctions the nine defendants and the company they work for.
“We will not tolerate the theft of US intellectual property, or intrusions into our research institutions and universities,” Treasury Undersecretary Sigal Mandelker said. “Treasury will continue to systematically use our sanctions authorities to shine a light on the Iranian regime’s malicious cyber practices, and hold it accountable for criminal cyberattacks.”