The United States on Friday charged and sanctioned nine Iranians and an Iranian company for attempting to hack into hundreds of universities worldwide, dozens of firms and parts of the US government, including its main energy regulator, on behalf of Tehran’s government between 2013 to 2017.
US officials claimed that the nine Iranian worked on behalf of the Iranian Revolutionary Guards to carry out the hacking.
The US Treasury Department said it was placing sanctions on the nine people and the Mabna Institute, a company US prosecutors characterised as designed to help Iranian research organisations steal information. It is unlikely that the accused Iranians would be prosecuted in an American court because there is no extradition treaty between the US and Iran.
According to the Justice Department, the group breached computer systems at 144 American universities and 176 universities in 21 other countries, 47 American and foreign companies, the US Department of Labour, the Federal Energy Regulatory Commission, the State of Hawaii, the State of Indiana and the United Nations.
US Deputy Attorney General Rod Rosenstein said the nine Iranians were considered fugitives who may face extradition in more than 100 countries if they travel outside Iran.
US Deputy Attorney General Rod Rosenstein said: “The Department of Justice will aggressively investigate and prosecute hostile actors who attempt to profit from America’s ideas by infiltrating our computer systems and stealing intellectual property.”
The case “will disrupt the defendants’ hacking operations and deter similar crimes,” he added.
The hackers were not accused of being directly employed by Iran’s government. They were instead charged with criminal conduct waged primarily through the Mabna Institute on behalf of the Islamic Revolutionary Guard Corps, the elite military force assigned to defend Iran’s Shia theocracy from internal and external threats.
In Tehran, Iran’s foreign ministry spokesman Bahram Qasemi denounced the move as “provocative, illegitimate, and without any justifiable reason and another sign of the hostility of the (US) ruling circles towards the Iranian nation”, state news agency IRNA said.
The targeting of the Federal Energy Regulatory Commission, or FERC, was a matter of special concern, US Attorney Geoffrey Berman said, because it oversees the interstate regulation of energy and holds details of some of the country’s “most sensitive infrastructure.”
Hackers targeted email accounts of more than 100,000 professors worldwide, half in the United States, and compromised about 8,000, prosecutors said. Hackers also targeted the US Labour Department, the United Nations and the computer systems of the US states Hawaii and Indiana, prosecutors said.
Friday’s actions are part of an effort by senior cyber security officials at the White House and across the US government to blame foreign countries for malicious hacks.
They were announced a day after US President Donald Trump named John Bolton, a former US ambassador to the United Nations who is deeply skeptical of the 2015 international nuclear accord with Iran, as his new national security adviser.
Trump himself has repeatedly cast doubt on the nuclear deal, in which the US and other world powers eased sanctions in exchange for Tehran putting limits on its nuclear program.