10 April 2018

US charges Iranians over $3.4 billion cyber theft campaign

The US has charged nine Iranians with theft of $3.4 billion in trade secrets, data and intellectual property.

The US Justice Department has charged nine Iranians with conducting a massive cyber theft campaign on behalf of the Islamic Revolutionary Guard Corps. The Iranians were working for a research unit called the Mabna Institute. They are accused of stealing over $3.4 billion of trade secrets, data and intellectual property from American government agencies, universities and companies in a sustained cyberattack since 2013, according to an indictment unsealed Friday. The Justice Department alleges a total 15 billion pages of data were stolen from at least 144 US universities, 176 universities across 21 foreign countries, 47 domestic and foreign private sector companies, the US Department of Labor, the Federal Energy Regulatory Commission, the states of Hawaii and Indiana, the United Nations and the United Nations Children’s Fund.

Hacking campaign

'Today, in one of the largest state-sponsored hacking campaigns ever prosecuted by the Department of Justice, we have unmasked criminals who normally hide behind the ones and zeros of computer code,' said US Attorney Geoffrey Berman. The indictment claims: 'Through the defendants’ activities, the Mabna Institute stole more than 31 terabytes of academic data and intellectual property from universities, and email accounts of employees at private sector companies, government agencies, and non-governmental organisations.'

No diplomatic relations

The suspects live in Iran and will not be extradited, while the United States and Iran have no diplomatic relations. Given any arrests are unlikely, the Justice Department is using the indictment to signal to the Iranian government they have crossed a line. However, the Iranians risk arrest if they travel.

US companies fear being targeted

The Trump administration is threatening to withdraw from the Iran nuclear deal, leading American companies to fear they will be increasingly targeted by cyberattacks from Iran, including critical infrastructure in the US. The US Justice Department statement can be found here.