U.S. accuses Iran of long scheme to hack into U.S. universities, governments
An Iranian consulting firm worked for years to steal secrets from universities and companies in the U.S. and around the globe, even hacking into the U.S. Department of Labor and the United Nations, according to an indictment unveiled Friday.
The Mabna Institute, based in Tehran, worked for Iran’s Islamic Revolutionary Guard Corps and other clients in the Iranian government to steal academic research, proprietary secrets and government data, the indictment claims. The hacking went on since at least 2013, the Justice Department said.
The company is also accused of breaching the computers of the Federal Energy Regulatory Commission and the states of Hawaii and Indiana.
A grand jury meeting in the southern district of New York charged nine people, all of them living in Iran. The Treasury Department also announced sanctions against the company and the employees.
The hackers used stolen account credentials to access university professors’ accounts and allegedly stole journals, dissertations and electronic books in science and technology, engineering, medical and other fields. The leaders of the company sold the material through two affiliated websites, according to the indictment. One firm sold a professor’s log-in information that allowed access to online library systems.
Deputy Atty. Gen. Rod Rosenstein said the hackers penetrated 320 universities around the world, including 144 in the U.S. He said universities are “prime targets” for cybercriminals.
By tricking professors into clicking on false links, the hackers got into 8,000 accounts, said Geoffrey Berman, interim U.S. attorney in Manhattan, saying the hackers stole “innovations and intellectual property of some of our country’s greatest minds.”
While it does not yet have the sophistication of hackers in Russia or China, Iranian government-sponsored hacking poses a growing threat. One recent study from the Carnegie Endowment for International Peace found that “offensive cyber operations have become a core tool of Iranian statecraft,” sponsored by the government intelligence apparatus.
The hacking is “just the latest example of the Iranian regime’s willingness to use techniques to enrich itself and attack companies and countries around the globe,” said Sigal Mandelker, a Treasury Department undersecretary.
Justice officials would not discuss how the FBI discovered the operation, or how it determined its alleged links to the Iranian government. In some cases, victims reported the hacking and reported it, Rosenstein said.
“Today, not only are we publicly identifying the foreign hackers who committed these malicious cyber intrusions, but we are also sending a powerful message to their backers, the government of the Islamic Republic of Iran: Your acts do not go unnoticed,” FBI Director Christopher Wray said in a statement.
The nine defendants, including company founders Gholamreza Rafatnejad and Ehsan Mohammadi, were charged with conspiracy, wire fraud and identity theft. But since Iran does not have an extradition treaty with the U.S., it’s unlikely they will face trial, unless they leave the country.
Twitter: @jtanfani
Get the L.A. Times Politics newsletter
Deeply reported insights into legislation, politics and policy from Sacramento, Washington and beyond. In your inbox three times per week.
You may occasionally receive promotional content from the Los Angeles Times.
