On Friday, the German magazine Der Spiegel reported that Iranian regime’s hackers targeted at least 23 German universities as part of a global cyber-attack and stole unpublished research, dissertations, and conference reports.
The report further stated that the cyber-attacks started in 2014, and can be traced back to the Tehran Mabna Institute, a private company linked to Iran’s powerful Islamic Revolutionary Guard Corps (IRGC). The statement also said, “They hacked the computer systems of approximately 320 universities in 22 countries. 144 of the victims are American universities. The defendants stole research that cost the universities approximately $3.4 billion to procure and maintain.”
Nine employees working there were accused of hacking into U.S. universities, companies, and state agencies, by the United States Department of Justice in March of 2018.
Allegedly, the hackers also broke into the accounts of employees of U.S. government and non-governmental entities, including the Department of Labor, the Federal Energy Regulatory Commission, the states of Hawaii and Indiana, Indiana’s Department of Education, the United Nations, and the United Nations Children’s Fund.
The hacking was conducted at the behest of Iran, according to U.S. officials at that time, and Mabna Institute is believed to function as a contractor for the Revolutionary Guards. Sigal Mandelker, the Treasury’s undersecretary for terrorism and financial intelligence, observed last month, “The IRGC plays a central role in Iran’s maligned activities across the world, including fomenting terrorism.”
The German Federal Prosecutor’s Office has now launched an investigation into foreign espionage.
U.S. cybersecurity specialist and ex-FBI man, Crane Hassolder has said, “It’s the largest cyber-attack I know of anywhere in the world.” Since last December, his company has been investigating the attacks, and according to Hassolder, the hackers sent a phishing mail to the university mailboxes, where scientists were asked to click on a link. Recently, Hassolder’s company discovered 46 new phishing sites in six different countries. “The hackers have not stopped,” he said, “the attack continues.”
According to its parliamentary committee on intelligence affairs, Germany’s government IT network is also under an “ongoing” cyber attack. “It is a real cyber-attack on parts of the government system. It’s an ongoing process, an ongoing attack,” said Armin Schuster, chairman of the committee, adding that no further details could be given to avoid passing crucial information on to the attackers.
Experts warn that despite the ongoing investigation, the authorities have so far failed to contain Iran’s malign activities.