US disrupts 'massive and brazen' Iranian hacking scheme, DOJ says

Posted: Mar 23, 2018 5:24 PM
Updated: Mar 23, 2018 5:24 PM

The Trump administration alleged Friday that Iranian government-linked hackers broke into the accounts of roughly 8,000 professors at hundreds of US and foreign universities, as well as private companies and government entities, to steal massive amounts of data and intellectual property.

The indictment unveiled by the Department of Justice on Friday directly links the individuals charged with the hacks to the Iranian government, saying the perpetrators were working for Iran's Islamic Revolutionary Guard Corps and other government clients.

Along with the charges, the Treasury Department designated the nine Iranians and the company they worked for, the Mabna Institute, for sanctions.

The move from the Justice Department and Treasury follows other US efforts to indict foreign government-linked cyberattackers, including special counsel Robert Mueller's indictment of Russian operatives for meddling in the 2016 US election, and the Obama administration's indictment of Chinese military members for the government-sponsored hacking of US companies.

It also comes at a time of tension with Iran, long an adversary of the US. As President Donald Trump reshuffles his national security and diplomacy team, including firing Secretary of State Rex Tillerson and national security adviser H.R. McMaster, experts speculate Trump may be laying the groundwork to pull out of the Iran nuclear deal that the Obama administration negotiated, though Iran's cyber efforts were not part of that deal.

The charges include conspiracy to commit computer intrusions, wire fraud, unauthorized access of a computer and aggravated identity theft, and could carry a maximum sentence of upwards of four decades in prison. According to the charges, the nine alleged hackers have carried out a sophisticated worldwide campaign since at least 2013 to pull off their cyberheist of more than 30 terabytes of academic data and other sensitive information.

The indictment alleges the Mabna Institute targeted more than 100,000 professors worldwide and succeeded in compromising 8,000 of them, spread across 144 US-based universities and 176 foreign universities. In their crosshairs were various types of intellectual property, including academic journals, dissertations and electronic books.

To break into the accounts, the sophisticated campaign began with a reconnaissance phase in which the hackers studied each target. They then used that information to send specialized emails that appeared to come from other university professors expressing interest in a recently published work. The emails carried what looked like links to other research but were actually links to malicious websites that mimicked the professor's login page. Those sites stole his or her login information, which the hackers then used to access the account.

The hackers also allegedly broke into the accounts of employees of US government and non-governmental entities, including the Department of Labor, the Federal Energy Regulatory Commission, the states of Hawaii and Indiana, Indiana's Department of Education, the United Nations, and the United Nations Children's Fund. Once inside, the hackers allegedly stole the entire email inbox.

Other victims included employees of 36 US-based companies and 11 companies outside the US in a wide range of industries, including academic publishers, media and entertainment entities, a law firm, tech companies, and consulting and marketing firms.

The tactic for the private-sector and governmental hacks was much less sophisticated, according to the indictment. The hackers allegedly used "password spraying": They collected email addresses they could find on the internet and then simply tried common passwords on those accounts, stealing email inboxes if they managed to get in.
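Password spraying as described above leaves a recognizable trace in authentication logs: one source fails against many different accounts while trying each only a few times, so per-account lockout never triggers. The Python below is an added example, not taken from the indictment or this report; the log format, addresses, account names and thresholds are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log: (timestamp, source IP, account, outcome).
# IPs are documentation ranges and the account names are invented.
SPRAYER, GUESSER, USER = "203.0.113.7", "198.51.100.9", "192.0.2.10"
SAMPLE_EVENTS = [
    ("2018-03-01T02:00:05", SPRAYER, "alice", "FAIL"),
    ("2018-03-01T02:00:09", SPRAYER, "bob", "FAIL"),
    ("2018-03-01T02:00:14", SPRAYER, "carol", "FAIL"),
    ("2018-03-01T02:00:20", SPRAYER, "dave", "FAIL"),
    ("2018-03-01T02:00:26", SPRAYER, "erin", "FAIL"),
    ("2018-03-01T02:00:31", SPRAYER, "frank", "OK"),
    ("2018-03-01T02:20:02", SPRAYER, "alice", "FAIL"),  # second password, same list
    ("2018-03-01T02:20:07", SPRAYER, "bob", "FAIL"),
    ("2018-03-01T02:20:11", SPRAYER, "erin", "OK"),
    ("2018-03-01T09:14:40", USER, "gina", "FAIL"),  # ordinary typo, then success
    ("2018-03-01T09:14:52", USER, "gina", "OK"),
] + [("2018-03-01T03:00:%02d" % s, GUESSER, "admin", "FAIL") for s in range(8)]


def find_sprays(events, window=timedelta(minutes=30), min_accounts=5, max_per_account=3):
    """Map each spraying source to the accounts it failed on and any it got into."""
    by_source = defaultdict(list)
    for ts, src, account, outcome in events:
        by_source[src].append((datetime.fromisoformat(ts), account, outcome))
    findings = {}
    for src, rows in by_source.items():
        rows.sort()
        for start, _, _ in rows:  # try a window starting at every event
            in_window = [r for r in rows if start <= r[0] <= start + window]
            fails = defaultdict(int)
            for _, account, outcome in in_window:
                if outcome == "FAIL":
                    fails[account] += 1
            # Spray: many accounts, few tries each. One account hammered is not a spray.
            if len(fails) >= min_accounts and max(fails.values()) <= max_per_account:
                entered = sorted({a for _, a, o in in_window if o == "OK"})
                findings[src] = {"targeted": sorted(fails), "entered": entered}
                break
    return findings
```

Accounts listed under `entered` logged in successfully from a spraying source and are the ones to treat as compromised first.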

It is unlikely that any of the individuals named in the indictment will ever see the inside of a US jail or courtroom. It is also unlikely that foreign governments without extradition treaties with the US would give up their citizens to stand trial, and once the indictment is unsealed, the individuals named in it are unlikely to travel to countries that could extradite them to the US.

Still, federal prosecutors hope that by exposing the hacking operations, they can deter the behavior and make clear their ability to trace it back to its source.
