WASHINGTON — The U.S. Justice Department on Friday revealed charges against an Iranian hacking ring that prosecutors say spent years pilfering research and documents from over 300 universities worldwide as well as several U.S. government agencies.
Geoffrey Berman, the U.S. attorney for the Southern District of New York, in a statement called it a “massive and brazen cyberassault” and “one of the largest state-sponsored hacking campaigns ever prosecuted” by U.S. officials.
The U.S. Justice Department said countries affected included EU members Denmark, Finland, Germany, Ireland, Italy, the Netherlands, Poland, Spain, Sweden and the U.K.
The case is the second time the U.S. Justice Department has indicted hackers for intrusions on behalf of the Iranian government, coming almost exactly two years after DOJ indicted seven Iranians for a series of coordinated cyberattacks against the U.S. financial sector and for infiltrating a New York dam in 2013.
But Friday’s charges represent the takedown of a broader — and more purposeful — digital theft campaign.
DOJ specifically targeted the Iran-based Mabna Institute, which it says was founded in 2013 “to assist Iranian universities and scientific and research organizations in stealing access to non-Iranian scientific resources.”
Over the course of four years, prosecutors say, hackers working for the Mabna Institute stole at least 31 terabytes of data from 144 American universities, totaling $3.4 billion in intellectual property. The group also cracked into 176 foreign universities, DOJ said.
Beyond universities, the Iranians hit five U.S. government agencies, including the state governments in Hawaii and Indiana, as well as the Federal Energy Regulatory Commission, which oversees the energy industry, and the Department of Labor.
The group also infiltrated the United Nations and the United Nations Children’s Fund, DOJ said.
In total, prosecutors indicted nine Iranians for participating in the scheme, which continued until at least December 2017, according to a release.
Over those years, the indicted Mabna hackers breached the email accounts of roughly 8,000 professors.
The hackers conducted “many” of the intrusions “on behalf of” Iran’s Islamic Revolutionary Guard Corps, “as well as other Iranian government and university clients,” according to DOJ.
“The hackers targeted innovations and intellectual property from our country’s greatest minds,” Berman said.
The U.S. Treasury Department also slapped sanctions on the Mabna Institute and the nine charged individuals.
While none of the charged hackers have been detained, Berman said the indictments would restrict their lives.
“The only way they will see the outside world is through their computer screens, but stripped of their greatest asset — anonymity,” he said.
Laurens Cerulus contributed reporting.
CLARIFICATION: The case is the second time the U.S. Justice Department has indicted hackers who conducted intrusions of behalf of the Iranian government. DOJ has indicted other hackers with past links to the Iranian government.