The British government says it concurs with charges contained in an indictment announced Friday by the U.S. Department of Justice against multiple Iranians.
The indictment, unsealed Friday, charges nine Iranian nationals with stealing more than 31 terabytes of data from 320 universities in 22 countries – including 144 U.S. institutions – as well as multiple businesses and government agencies. The individuals face computer intrusion, wire fraud and identity theft charges (see 9 Iranians Indicted for Massive Hacking Scheme).
Two of the defendants allegedly founded an Iranian organization called the Mabna Institute for the purpose of “acquiring” scientific research from other countries and funneling it to the branch of Iran’s armed forces called the Islamic Revolutionary Guard Corp., prosecutors allege. The IRGC allegedly made use of the information and also profited by selling it to others inside Iran.
“What is alleged in the indictment is that the Mabna Institute was working essentially as a contractor for the Iranian government,” Deputy Attorney General Rod Rosenstein said in a Friday press conference in Washington. “The allegation in the indictment is that the evidence will demonstrate that the Mabna Institute was working on behalf of the IRGC and that the IRGC benefited from the information that was stolen in the cyber hacking.”
The U.K.’s National Cyber Security Center, part of intelligence agency GCHQ, says it assesses with “high confidence” that Iran’s Mabna Institute ran a hacking campaign that targeted U.K., U.S. and other Western nations’ universities and businesses “primarily for the purposes of intellectual property theft.”
“The U.K. government judges that the Mabna Institute based in Iran was responsible for a hacking campaign targeting universities around the world. By stealing intellectual property from universities, these hackers attempted to make money and gain technological advantage at our expense,” says Tariq Ahmad, Britain’s Foreign Office minister for cybersecurity.
“We welcome the U.S. indictments. It demonstrates our willingness and ability to respond collectively to cyberattacks using all levers at our disposal,” he adds. “The focus on universities is a timely reminder that all organizations are potential targets and need to constantly strive for the best possible cybersecurity.”
To read the original article: