$3.4B global college hack
Nine state-sanctioned Iranian hackers outsmarted thousands of university professors from around the globe.
An email scam targeting educators in the U.S. and 21 other nations provided the hackers with access to 15 billion pages of intellectual property and stolen data valued at $3.4 billion, authorities charged.
The allegations were leveled Friday morning against the cyber-suspects affiliated with the Mabna Institute — a cover created on behalf of the Islamic Revolutionary Guard Corps.
“When hackers gain unlawful access to computers, it can take only a few minutes to steal discoveries produced by many years of work and many millions of dollars,” said U.S. Deputy Attorney General Rod Rosenstein.
The fugitive suspects also hacked their way into five federal and state government agencies — and 47 private sector companies, according to the indictment.
The infiltrated agencies included the United Nations, the Department of Labor, the Federal Energy Regulatory Commission, and the states of Indiana and Hawaii.
The hacking scheme, described by investigators as one of the largest in history, ran from at least 2013 to December 2017, the indictment alleges.
In addition to the 144 U.S. colleges, the hackers targeted 176 other universities overseas, including in China, England and South Korea, according to a newly unsealed indictment.
The plan was simple: professors who clicked on an email link were steered to a domain where their logins were stolen and illegally reused, authorities said.
About 8,000 of the instructors fell for the bait — typically a bogus link to a colleague’s supposed “work.” But as Deputy FBI Director David Bowdich noted, education was hardly part of the plot.
“Just in case you’re wondering, they’re not admiring our work,” he said. “They’re stealing it, and they’re taking credit for it, and they’re selling it to others.”
Manhattan U.S. Attorney Geoffrey Berman issued a warning to the nine wanted men that the American judicial system was intent on locking them up.
“We have worked tirelessly to identify you and you cannot hide behind a keyboard,” said Berman. “We will do all we can to bring you to justice.”
The institute was founded by Gholamreza Rafatnejad and Ehsan Mohammadi, who were charged with contracting the “hackers for hire and other contract personnel to conduct cyber intrusions to steal academic data,” the indictment charged.
The government agencies and businesses were all infiltrated with the same basic spear-phishing emails, investigators said.
The Treasury Department also announced sanctions against the institute and suspects with the intent of limiting their ability to operate outside of Iran.
The odds of getting the as-yet unarrested hackers into an American court are long, but authorities said they hope to make life difficult for the nine suspects by publicly identifying them.
“People travel,” said Bowdich. “They take vacations, they make plans with their families. Having your name, face and description on a ‘Wanted’ poster makes moving freely much more difficult.”
Each suspect was charged with an assortment of allegations, including everything from aggravated identity theft to conspiracy to commit computer intrusions.
If arrested, tried and convicted of all counts, the suspects could face more than 60 years in prison.