In its latest drumbeat against the cyber activities of Iran, the US government Friday charged nine Iranian hackers with a massive three-year campaign to penetrate and steal more than 31 terabytes of information—totaling more than $3 billion in intellectual property—from more than 300 American and foreign universities.
The effort, detailed in a 21-page indictment unsealed Friday, amounted to “one of the largest state-sponsored hacking campaigns ever prosecuted by the Department of Justice,” said Geoffrey Berman, the US Attorney for the Southern District, which brought the case. The effort netted a lengthy list of victims, including 144 universities based in the US, and another 176 spread across 21 foreign countries. The group also hit 47 private sector companies, government targets as varied as the US Department of Labor, the Federal Energy Regulatory Commission, and the states of Hawaii and Indiana, along with the United Nations.
The hacking campaign centered on a Tehran-based organization called the Mabna Institute, which served as a clearinghouse for contractors and hackers-for-hire who were tasked with penetrating and stealing data, intellectual property, and the contents of professors’ email inboxes. According to the FBI’s investigation, two of the defendants—Gholamreza Rafatnejad and Ehsan Mohammadi—founded the Mabna Institute around 2013. “While the company’s name may sound legitimate, the so-called institute was set up for one reason only: To steal scientific resources from other countries around the world,” Berman said.
Rafatnejad organized the hacking efforts and coordinated with Iran’s Islamic Revolutionary Guard Corps, while Mohammadi served as Mabna’s managing director.
“This case is critically important because it will disrupt the activities of the Institute and it will deter similar crimes by other perpetrators. The indictment publicly identifies the conspirators. In this time of public identification, it helps to deter state-sponsored computer intrusions by stripping hackers of their