President Donald Trump’s administration announced charges on Friday against nine Iranian nationals for conducting a “massive” cyber theft campaign against American entities on behalf of the Islamic Revolutionary Guard Corps, an arm of the Iranian government.
The nine defendants are affiliated with the Mabna Institute, an Iranian company founded in 2013 that allegedly conducted “massive, coordinated cyber intrusions” into the computer systems of approximately 320 universities worldwide, 144 of which are American, according to the indictment unveiled by the Department of Justice.
Some 8,000 professors worldwide unwittingly gave the Mabna Institute their account credentials after being targeted with customized spear phishing emails, opening the door for the Iranian hackers to steal $3.4 billion worth of academic research.
The stolen research was used for the benefit of the Islamic Revolutionary Guard and sold for an ill-gotten profit in Iran.
The Mabna Institute also breached the computer systems of at least 36 American businesses and five federal and state organizations, including the Department of Labor and the Federal Energy Regulatory Commission.
It was “staggering” how much data the Iranians stole, FBI Assistant Director William Sweeney said Friday.
“An estimated 30 terabytes was removed from universities’ accounts since this attack began, which is roughly equivalent of 8 billion double-sided pages of text,” Sweeney said. “It is hard to quantify the value on the research and information that was taken from victims but it is estimated to be in the billions of dollars.”
The nine Iranians named in the indictment face charges of computer fraud, wire fraud, conspiracy and identity theft.
Manhattan U.S. Attorney Geoffrey Berman said the indictment amounted to “one of the largest state-sponsored hacking campaigns ever prosecuted by the Department of Justice.”
The alleged Iranian hackers were now “fugitives from American justice,” Berman said, hinting that it is unlikely they will ever be brought to justice.
“The only way they will see the outside world is through their computer screens, but stripped of their greatest asset – anonymity,” Berman said.
Deputy Attorney General Rod Rosenstein said in prepared remarks Friday that intellectual property theft against American institutions by foreign entities poses both an economic and a national security threat.
“Hostile individuals, organizations and nation-states have taken note of our success,” Rosenstein said. “They increasingly attempt to profit from America’s ingenuity by infiltrating our computer systems, stealing our intellectual property, and evading our controls on technology exports.”
“By bringing these criminal charges, we reinforce a norm that most of the civilized world accepts: nation-states should not steal intellectual property for the purpose of giving domestic industries a competitive advantage,” he added.
In addition to the charges, the Treasury Department levied economic sanctions against the defendants and the Mabna Institute.
“Iran is engaged in an ongoing campaign of malicious cyber activity against the United States and our allies,” Treasury Under Secretary Sigal Mandelker said in a statement. “We will not tolerate the theft of U.S. intellectual property or intrusion into our research institutions and universities.”