US charges Iranians with hacking hundreds of universities

Ireland among 22 countries from which US claims group stole data on behalf of state

The cyberattacks, beginning in at least 2013, pilfered more than 31 terabytes of academic data and intellectual property from 144 US universities and 176 universities in 21 other countries, the US Department of Justice said. Photograph: iStockphoto
The cyberattacks, beginning in at least 2013, pilfered more than 31 terabytes of academic data and intellectual property from 144 US universities and 176 universities in 21 other countries, the US Department of Justice said. Photograph: iStockphoto

The US on Friday announced sanctions against nine Iranians and an Iranian company for attempting to hack into hundreds of universities worldwide, including in Ireland, on behalf of Tehran's government.

The cyberattacks, beginning in at least 2013, pilfered more than 31 terabytes of academic data and intellectual property from 144 US universities and 176 universities in 21 other countries, the US Department of Justice said.

It described the conspiracy as one of the largest state-sponsored hacking sprees prosecuted.

The US Treasury Department said that it was placing sanctions on the nine accused individuals and the Mabna Institute, a company described by US prosecutors as designed to help Iranian research organisations steal information.

READ SOME MORE

"These defendants are now fugitives of justice," US deputy attorney general Rod Rosenstein said at a press conference. Mr Rosenstein said they may face extradition in more than 100 countries if they travel outside of Iran.

Hackers targeted email accounts of more than 100,000 professors worldwide and compromised about 8,000 of them, prosecutors said. Hackers also targeted the US Labor Department, the US Federal Energy Regulatory Commission, the United Nations and the computer systems of the US states Hawaii and Indiana, prosecutors said.

The UK government backed the action taken by Washington and revealed that British universities were among those targeted. Foreign office minister for cyber Lord Ahmad of Wimbledon said the hackers sought to steal intellectual property "to make money and gain technological advantage at our expense".

The hackers were not accused of being directly employed by Iran's government. They were instead charged with criminal conduct waged primarily through the Mabna Institute on behalf of the Islamic Revolutionary Guard Corps, the elite military force assigned to defend Iran's Shia theocracy from internal and external threats.

There was no immediate response to the charges and sanctions in Iran’s state-run media.

Friday's actions are part of an effort by senior cybersecurity officials at the White House and across the US government to blame foreign countries for malicious hacks.

They were announced a day after US president Donald Trump named John Bolton, a former US ambassador to the UN who is deeply sceptical of the 2015 international nuclear accord with Iran, as his new national security adviser. The Department of Justice on Friday privately warned major internet infrastructure companies to expect attacks from Iran, an executive at one company who received the alert said. The officials said the most likely retaliation would be denial of service attacks on websites, which are not destructive but disrupt commerce and communication.

The sanctions and charges were the fourth time in the past few months that the Trump administration has blamed a foreign government for major cyber attacks, a practice that was relatively rare under the Obama administration.

The Treasury Department also placed sanctions on another Iranian, Behzad Mesri. Sometimes known as "Skote Vahshat," Mr Mesri was charged in 2017 with hacking cable TV network HBO to leak unaired episodes of the fantasy drama Game of Thrones. Mr Mesri is still at large, officials said.

The Obama administration in 2016 indicted seven Iranians for distributed-denial-of-service attacks on dozens of US banks and for trying to shut down a New York dam. Those hackers were also accused of working on behalf of Iran’s government.

None of the Iranians indicted in 2016 have been arrested or extradited, a justice department spokesman said. – Reuters/PA