Feds Charge Nine Iranians In Hacking Case

Cybersecurity

In one of the Department of Justice’s (DOJ) largest state-sponsored cyberattack cases, federal prosecutors have unsealed criminal charges involving nine Iranians who allegedly stole data from organizations in the U.S. and overseas, The Wall Street Journal reported.

Prosecutors said over 31 terabytes were stolen from 144 U.S. universities, 36 U.S. businesses and five U.S. government agencies for financial gain. While the defendants have not been arrested and are reportedly abroad, they face multiple charges, such as wire fraud and conspiracy to commit computer intrusions.

According to officials, the defendants were connected with the Mabna Institute — a company that was reportedly founded to gain access to scientific data. The defendants allegedly sought access to 100,000 email accounts belonging to college professors. Through their efforts, they gained access to about 8,000 of them.

The news comes two years after Iranians who were employed by Islamic Revolutionary Guard Corps-affiliated entities were indicted on charges of computer hacking related to numerous coordinated distributed denial of service (DDoS) attacks against the U.S. financial sector, which barred online service through an overwhelming flow of traffic from multiple sources.

In a press release, the DOJ said those individuals were charged by a grand jury in the Southern District of New York and were accused of launching an extensive campaign of DDoS attacks against 46 victims between late 2011 and mid-2013.

One of the accused individuals was also charged with obtaining unauthorized access to the Supervisory Control and Data Acquisition systems of the Bowman Dam in Rye, New York, during August and September of 2013.

According to the DOJ, the attacks distributed by the accused individuals not only disabled victim’s bank websites, but they also had another effect: The hacks barred customers from gaining access to their online accounts. The impacts of the attacks reportedly cost victims tens of millions of dollars as they had to mitigate the attacks on their servers.