The Department of Justice has alleged that nine hackers with ties to the Iranian government engaged in a massive cybertheft scheme to steal scientific data and intellectual property from hundreds of U.S. and foreign universities, private companies and government agencies.
The indictment unsealed Friday by the Justice Department claims there is a direct connection between the nine defendants and Iran’s Islamic Revolutionary Guard Corps, its chief intelligence-gathering authority.
Deputy Attorney General Rod Rosenstien said the stolen information was used by the Revolutionary Guard or sold for profit in Iran.
In connection with the charges, the Treasury Department designated the defendants and an Iranian company for sanctions.
The indictment alleges the defendants, all Iranian citizens and residents, worked for the Teheran-based Mabna Institute. Founded by two of the defendants in 2013, the Justice Department contends the institute was specifically created to steal intellectual property from universities and companies across the globe.
All told, more than 144 U.S. universities, 176 universities across 21 foreign countries, 36 U.S.-based private companies, 11 foreign private companies, the U.S. Department of Labor, the Federal Energy Regulatory Commission and the states of Hawaii and Indiana were among the cybertheft victims. Authorities speaking at a press conference to announce the charges declined to identify any of the universities or companies.
The United Nations and its Children’s Fund were also hacked, according to the Justice Department.
Between 2013 and 2017, the Mabna Institute targeted more than 100,000 professors worldwide and successfully compromised 8,000 of them, said Geoffrey Berman, U.S. Attorney for the Southern District of New York. where the defendants have been charged.
The hackers stole at least roughly 31,5 terabytes of academic data and intellectual property — said to be the equivalent of 1.5 billion pages of research — with a total value of $3.4 billion, Mr. Berman said. Research from all fields, including science, technology, engineering, social science, medical and other professional fields was targeted, according to the indictment.
“This is not just raw data, it is the innovations and intellectual property some of our companies created,” Mr. Berman said Friday while announcing the charges to reporters.
To access the counts, the defendants developed a sophisticated plan to send emails to academics that appeared to come from other university professors expressing interest in their work, according to the indictment. The emails were actually links to websites that mirrored the professor’s login page, which was then used by the hackers to steal professors’ passwords and access their accounts, prosecutors said.
In total, the value of the stolen data was roughly $3.4 billion.
“These were funded by your tax dollars and student tuitions,” said FBI Deputy Director David Bodwich. “That means people in this country were paying for it.”
For private sector and government hacks, the defendants collected email addresses on the computer and tried various password combinations on those accounts, according to the indictment. That enabled the hackers to steal entire inboxes, the government said.
During the Friday announcement, officials emphasized links between the defendants and the Iranian government.
“Do not forget at the crux of this case is that the government of Iran systematically and methodically hacked into our government systems to steal as much information as possible,” Berman said.
The nine individuals are each charged with one count of conspiracy to commit computer intrusions, one count of conspiracy to commit wire fraud, two counts of unauthorized access of a computer, two counts of wire fraud and one count of aggravated identity theft. If convicted on all counts, the defendants could face as much as 52 years in prison.
Authorities did not provide any details Friday on how the scheme was discovered.
It is unlikely that the defendants will ever face charges in the United States. There is no extradition treaty with Iran and it is doubtful that country would voluntarily turn them over. But the Justice Department remains confident that by exposing the defendants, they can prevent future attacks.
“As a result of the indictment, the defendants are now fugitives from justice,” Mr. Rosenstein said. “There are more than 100 countries where they cannot travel without fear of arrest and extradition. And, thanks to the Treasury Department, the defendants will find it difficult to engage in business or financial transactions outside of Iran.”
The charges come as President Trump shakes up his national security team. Last week, he fired Secretary of State Rex Tillerson, while H.R. McMaster, Mr. Trump’s national security adviser, resigned Thursday.