U.S. Alleges Iranian Cyber Theft at Research Universities

The hacking involved data belonging to thousands of professors at 320 institutions worldwide.

Mar 26, 2018
Jim Daley

ISTOCK, PABRADYPHOTO

US government officials announced criminal indictments against nine Iranian nationals last week (March 23), charging them with hacking the computers of 7,998 professors around the world on behalf of the Islamic Revolutionary Guard Corps, Iran’s national security force. Of the professors whose data were compromised, 3,768 are at US universities. The indictment alleges that the hackers obtained more than 30 terabytes—about 15 billion pages—of documents and data, including scientific research, dissertations, and journals.

“Today, in one of the largest state-sponsored hacking campaigns ever prosecuted by the Department of Justice, we have unmasked criminals who normally hide behind the ones and zeros of computer code,” Geoffrey Berman, US attorney for the Southern District of New York, said in a press conference announcing the indictments (via The Washington Post). FBI Deputy Director David Bowdich noted during the press conference that all the identified attackers live in Iran and apprehending them “presents a challenge.”

According to the indictment, the nine individuals are allegedly connected to the Mabna Institute, which intended to “assist Iranian universities, as well as scientific and research organizations, to obtain access to non-Iranian scientific resources.”

See “AAAS Press Release Repository Hacked

“It's best to see this as a signal to the Iranians rather than excitement over a particular crime,” James Lewis, a technology and intelligence expert at the Center for Strategic and International Studies, tells The Chronicle of Higher Education.

“[N]ot only are we publicly identifying the foreign hackers who committed these malicious cyber intrusions, but we are also sending a powerful message to their backers, the government of the Islamic Republic of Iran: Your acts do not go unnoticed,” FBI Director Christopher Wray says in a statement. “We will protect our innovation, ideas and information, and we will use every tool in our toolbox to expose those who commit these cyber crimes.”