Eric Geller @ericgeller
BREAKING: DOJ indicts nine Iranians in a "massive" hacking scheme on behalf of Tehran.

Hackers stole >31.5 terabytes of data from 144 U.S. universities, 176 foreign universities, the UN, and five US govt agencies.

DAG Rosenstein announcing now: justice.gov/live
The Treasury Department has sanctioned the nine Iranian hackers, as well as a tenth, Behzad Mesri, indicted last November for hacking HBO.
The data stolen from American universities was worth about $3.4 billion.

No dollar figure for the IP stolen from foreign universities.
Rosenstein: “The events described in this indictment highlight the need for universities and all other organizations to emphasize cybersecurity, increase threat awareness, and harden their computer networks.”
Rosenstein: “This type of public identification helps to deter state-sponsored computer intrusions by stripping hackers of their anonymity and by imposing real consequences.”
My initial story: "U.S. busts 'massive' Iranian hacking scheme": politicopro.com/education/arti…
The Iranian campaign is "one of the largest state-sponsored hacking campaigns ever prosecuted by the Department of Justice," says Geoffrey Berman, the U.S. attorney for the Southern District of New York.
Berman to Iranian hackers: "We have worked tirelessly to identify you, and you cannot hide behind a keyboard halfway around the world and expect not to be held to account."
Berman: “At the crux of this case is the fact that the government of Iran systematically and methodically hacked into our country’s computer networks with the intent to steal as much information as possible.”
Here is the wanted poster for the nine Iranians indicted today
FBI Deputy Director David Bowdich: “Some may ask, ‘Why would you pursue people you may never get your hands on?’ … It is not impossible. We’ve done it before. We’ll do it again."
"People travel. They take vacations. They make plans with their families," Bowdich adds. "And having your name, face, and description on a wanted poster makes moving freely much more difficult.”
Under Secretary of the Treasury for Terrorism and Financial Intelligence Sigal Mandelker notes that the IRGC, which directed the hacking campaign, has been sanctioned four times in the U.S. already.
Mandelker says this hacking campaign is the latest “extraordinary example of the Iranian regime’s willingness to use cyber-enabled and other illicit means to enrich itself and attack companies and countries across the globe.”
Rosenstein says that not all victims knew they had been breached. “In many cases, we actually notified the victims.”
Reporter asks, What is the federal government doing to prevent and deter malicious cyber activity?

Rosenstein: “This administration is in its second year, and we are doing quite a lot. … You don’t see the attacks that have been deterred.”
Rosenstein: “We’re going to continue to pursue this strategy" of indicting and sanctioning. "I think that it will have an impact.”
Here is the Justice Department press release with the full details of the Iranian hacker indictments: justice.gov/opa/pr/nine-ir…
Our story, with updates coming:

U.S. busts 'massive' Iranian hacking scheme: politico.com/story/2018/03/…
Here is the indictment: justice.gov/usao-sdny/pres…

A few observations to follow.
To break into professors' email accounts, the hackers did research into targets' areas of expertise, then emailed them pretending to be other professors saying "Loved your article! What do you think of this one?"

They'd link to a purported article on the same topic.
But the link would take the victim to a page that looked like their own university email login page.

The idea was to make professors think they'd accidentally logged out of their email, so they'd enter their credentials.
Of the 7,998 professors hacked, 3,768 were at American universities.
The Iranian hackers also breached at least 36 U.S. companies and at least 11 foreign companies (in Germany, Italy, Switzerland, Sweden, and the UK).

Here are general descriptions of the American company victims.
For the intrusions into these companies, the Iranian hackers took an even simpler approach: They harvested names and email addresses of employees and tried commonly used passwords.

Sometimes they set up auto forwarding so new emails would also go to accounts they controlled.
UK joins U.S. in blaming Iranian hackers for wide-ranging cyberattacks on universities and businesses
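
An added example, not part of the original thread: a defender-side check for the two behaviors described above in the company intrusions, commonly used passwords tried across many harvested accounts and mail auto-forwarding to outside addresses. The event tuples, field layout, thresholds, account names and the `example.com` internal domain are constructed assumptions, not data from the indictment.

```python
from collections import defaultdict

# Constructed sample sign-in events: (timestamp, source_ip, account, outcome)
AUTH_EVENTS = (
    [(f"2024-01-10T09:0{i}:00Z", "203.0.113.7", user, "FAIL")
     for i, user in enumerate(["alice", "bob", "carol", "dlee", "erin", "frank"])]
    + [("2024-01-10T09:10:00Z", "203.0.113.7", "dlee", "OK")]
    # One user mistyping their own password: many failures, single account
    + [(f"2024-01-10T10:0{i}:00Z", "198.51.100.20", "alice", "FAIL") for i in range(4)]
    + [("2024-01-10T10:05:00Z", "198.51.100.20", "alice", "OK")]
)

# Constructed mailbox-rule events: (account, action, target)
RULE_EVENTS = [
    ("dlee", "forward", "drop@mail.example.net"),
    ("bob", "forward", "bob.assistant@example.com"),
    ("carol", "move", "Archive"),
]
INTERNAL_DOMAINS = {"example.com"}  # assumed organization domain


def find_spray_sources(events, min_accounts=5, max_per_account=3):
    """Flag sources failing against many accounts with only a few tries each."""
    fails = defaultdict(lambda: defaultdict(int))
    for _ts, src, account, outcome in events:
        if outcome == "FAIL":
            fails[src][account] += 1
    return {
        src: sorted(per_account)
        for src, per_account in fails.items()
        if len(per_account) >= min_accounts
        and max(per_account.values()) <= max_per_account
    }


def accounts_opened_by_spray(events, spray_sources):
    """Accounts with a successful sign-in from a flagged source."""
    return sorted({acct for _ts, src, acct, outcome in events
                   if outcome == "OK" and src in spray_sources})


def external_forward_rules(rule_events, internal_domains):
    """Forwarding rules whose target is outside the organization's domains."""
    hits = []
    for account, action, target in rule_events:
        domain = target.rsplit("@", 1)[-1].lower()
        if action == "forward" and domain not in internal_domains:
            hits.append((account, target))
    return hits
```

An account that appears in both `accounts_opened_by_spray` and `external_forward_rules` is the highest-priority case to review, since a forwarding rule keeps working after the password is reset.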