Tech Transfer eNews Blog
Industry-Sponsored Research Management sample issue

DOJ indicts nine Iranians over alleged hacking of hundreds of universities to steal intellectual property


By Jesse Schwartz
Published: March 28th, 2018

The US Department of Justice (DOJ) has indicted nine Iranians with possible links to the Islamic Revolutionary Guard Corps (IRGC), alleging they hacked into the computers of universities, companies, government agencies and non-governmental organizations to steal valuable data, including intellectual property.

Prior to the DOJ’s indictments, a Manhattan court unsealed a seven-count indictment alleging that the Iranians launched a coordinated hack to steal research, data and intellectual property from 144 US universities, 176 universities across 21 other countries, 47 private sector companies in the U.S. and abroad, the U.S. Department of Labor, the Federal Energy Regulatory Commission, the State of Hawaii, the State of Indiana and its Department of Education, the United Nations, and the United Nations Children’s Fund.

All nine defendants, ranging in ages from 24 to 39, are citizens and residents of Iran who allegedly worked in some manner for a firm named the Mabna Institute, which DOJ officials say works on behalf of IRGC.

The defendants, the indictment alleges, accessed university e-mail accounts through phishing campaigns, delivering e-mails disguised as correspondences from academic colleagues expressing an interest in a victim’s published articles, and containing links to what appeared to be additional relevant articles. The victims would then click the links and be redirected to a domain designed to resemble a log-in page for their own university network. Assuming they had been logged out, the victim would re-enter their credentials, exposing them to the hackers.

DOJ officials say the hackers successfully breached almost 8,000 faculty e-mail accounts out of more than 100,000 that were targeted. The hackers reportedly gained access to intellectual property that U.S. universities spent roughly $3.4 billion to procure and maintain. The DOJ alleges that Mabna would then sell or distribute the stolen data to Iranian universities and other clients.

“Hostile individuals, organizations and nation-states have taken note of our success — they increasingly attempt to profit from America’s ingenuity by infiltrating our computer systems, stealing our intellectual property and evading our controls on technology exports,” says Deputy Attorney General Rod Rosenstein. “When hackers gain unlawful access to computers, it can take only a few minutes to steal discoveries produced by many years of work and many millions of dollars of investment. That type of criminal activity does not just cause economic harm. It also threatens our national security.”

The indictments come two years after the DOJ leveled charges against seven other Iranians for similar attacks against the U.S. financial sector.

According to Adam Meyers, vice president of intelligence at CrowdStrike, “The theft of universities’ intellectual property is part of an apparent effort by Iran to obtain information that is denied to them because of existing sanctions.” Myers says that over the years Iranian hackers have zeroed in on U.S. research related to aviation, defense, energy, finance, manufacturing, telecommunications and high-tech.

“We will not tolerate the theft of U.S. intellectual property, or intrusions into our research institutions and universities,” says U.S. Treasury Undersecretary Sigal Mandelker. “Treasury will continue to systematically use our sanctions authorities to shine a light on the Iranian regime’s malicious cyber practices, and hold it accountable for criminal cyberattacks.”

Source: SC Media

Posted under: Tech Transfer e-News

Twitter Facebook Linkedin Pinterest Email

No Comments so far ↓

There are no comments yet...Kick things off by filling out the form below.

Leave a Comment