Deputy FBI Director David Bowdich said during a presser Friday that “The government of Iran systematically and methodically hacked into our country’s computer networks with the intent to steal as much information as possible.”
Nine hackers have been charged along with an Iranian-based company. Over the course of four years, hackers working for the Mabna Institute stole at least 31 terabytes of data from 144 U.S. universities, totaling $3.4 billion in intellectual property. They also cracked into 176 foreign universities and five government agencies.
The group hit five U.S. government agencies, including the state governments in Hawaii and Indiana, as well as the Federal Energy Regulatory Commission, which oversees energy and labor.
These nation-state actors were getting a free education while doing it. The prior administration gave billions in cash and gold to these same bad actors.
They breached the email accounts of roughly 8,000 professors. The Iranian hackers also breached at least 36 U.S. companies and at least 11 foreign companies. Companies in Germany, Italy, Switzerland, Sweden, and the UK were among the victims.
Some victims didn’t even know they were hacked.
The Iranian campaign is “one of the largest state-sponsored hacking campaigns ever prosecuted by the Department of Justice,” says Geoffrey Berman. Berman is the U.S. attorney for the Southern District of New York. “The events described in this indictment highlight the need for universities and all other organizations to emphasize cybersecurity, increase threat awareness, and harden their computer networks.”
Nine Iranian State Actors Charged In Hacking
Nine Iranians were charged with conducting a massive cyber theft campaign on behalf of the Islamic Revolutionary Guard Corps. The Mabna Institute is also guilty and is being sanctioned.
Under Secretary of the Treasury for Terrorism and Financial Intelligence Sigal Mandelker notes that the IRGC has been sanctioned four times in the U.S. already. The IRGC directed the hacking.
For the intrusions into companies, the Iranian hackers took simple approaches. They harvested names and email addresses of employees and tried commonly used passwords.
Sometimes they set up auto-forwarding so new emails would also go to accounts they controlled.
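Both behaviors described above leave traces a defender can look for: one source failing logins across many accounts with only a try or two each, and mailbox rules that forward to outside addresses. The following detection sketch is an added example, not taken from the indictment or the original article; the log layout, thresholds, addresses and the `corp.example` domain are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample data (assumed format): (time, source IP, account, success) and (account, forward target).
LOGINS = [
    ("2018-03-01T09:00:00", "203.0.113.7", "alice", False),
    ("2018-03-01T09:00:20", "203.0.113.7", "bob", False),
    ("2018-03-01T09:00:41", "203.0.113.7", "carol", False),
    ("2018-03-01T09:01:02", "203.0.113.7", "dave", True),
    ("2018-03-01T09:05:00", "198.51.100.4", "erin", False),
    ("2018-03-01T09:05:30", "198.51.100.4", "erin", False),
    ("2018-03-01T09:06:10", "198.51.100.4", "erin", True),
]
FORWARD_RULES = [
    ("dave", "dave.backup@mail.example.net"),
    ("erin", "erin@lab.corp.example"),
]

def find_spraying(events, window=timedelta(minutes=10), min_accounts=4, max_per_account=2):
    """Flag sources that try many distinct accounts, each only a few times, within one window."""
    by_src = defaultdict(list)
    for ts, src, user, ok in events:
        by_src[src].append((datetime.fromisoformat(ts), user, ok))
    findings = {}
    for src, rows in by_src.items():
        rows.sort()
        start = 0
        for end in range(len(rows)):
            while rows[end][0] - rows[start][0] > window:
                start += 1  # slide the window forward
            span = rows[start:end + 1]
            tries = defaultdict(int)
            for _, user, _ in span:
                tries[user] += 1
            if len(tries) >= min_accounts and max(tries.values()) <= max_per_account:
                findings[src] = sorted({u for _, u, ok in span if ok})
    return findings  # source -> accounts that logged in successfully during the spray

def external_forwards(rules, internal_suffixes=("corp.example",)):
    """Return rules whose forwarding target lies outside the organisation's own domains."""
    def internal(addr):
        domain = addr.rsplit("@", 1)[-1].lower()
        return any(domain == s or domain.endswith("." + s) for s in internal_suffixes)
    return [(user, target) for user, target in rules if not internal(target)]

if __name__ == "__main__":
    print(find_spraying(LOGINS))
    print(external_forwards(FORWARD_RULES))
```

An account that appears in both results (here the constructed user `dave`) is the one to review first, since a successful login during a spray followed by an outside forwarding rule matches the sequence the article describes.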