The United States on Friday announced criminal charges and sanctions against nine Iranians and an Iranian company for attempting to hack into hundreds of universities worldwide, dozens of companies and parts of the U.S. government, including its main energy regulator, on behalf of Tehran’s government.
The cyber attacks, beginning in at least 2013, pilfered more than 31 terabytes of academic data and intellectual property from 144 U.S. universities and 176 universities in 21 other countries, the U.S. Department of Justice said, describing the conspiracy as one of the largest state-sponsored hacking sprees prosecuted.
The U.S. Treasury Department said that it was placing sanctions on the nine accused individuals and the Mabna Institute, a company described by U.S. prosecutors as designed to help Iranian research organizations steal information.
“These defendants are now fugitives of justice,” U.S. Deputy Attorney General Rod Rosenstein said at a press conference. Rosenstein said they may face extradition in more than 100 countries if they travel outside of Iran.
The hackers were not accused of being directly employed by Iran’s government. They were instead charged with criminal conduct waged primarily through the Mabna Institute on behalf of the Islamic Revolutionary Guard Corps, the elite military force assigned to defend Iran’s Shi’ite theocracy from internal and external threats.
There was no immediate response to the charges and sanctions in Iran’s state-run media.
Hackers targeted email accounts of more than 100,000 professors worldwide and compromised about 8,000 of them, prosecutors said. Hackers also targeted the U.S. Labor Department, the U.S. Federal Energy Regulatory Commission, the United Nations and the computer systems of the U.S. states Hawaii and Indiana, prosecutors said.
Friday’s actions are part of an effort by senior cyber security officials at the White House and across the U.S. government to blame foreign countries for malicious hacks.
Three observations here about this story:
1) If Rod Rosenstein wanted cover from Trump's capricious ire, "indicting Iranian hackers in a major operation that started under Obama's watch" is about as high on the list as he could have gone, short of actually firing Mueller. In a real way, Rosenstein's announcement may have saved his job. For now.
2) With this coming the day after John Bolton's Mustache was announced as the next National Security Adviser, let's recall that the Trump regime's latest nuclear posture review included the desire to use military action, up to and including the deployment of "strategic weapons", in response to cyber attacks by nation states. Rosenstein conceivably just gave these asshole a pretext for war. Maybe nuclear war. Hell, I don't know.
3) But the DoJ investigating Iran's Revolutionary Guard's money trail is a double-bladed sword for Trump and he knows it. Last March's revelations that Ivanka Trump was involved heavily in a failed Trump Tower project in Baku, Azerbaijan that was really a money laundering front for the RG suddenly takes on a whole new level of importance, especially after this announcement. And of course, Robert Mueller knows what Rosenstein knows.
It's a complex and complicated subject, but the upshot is that while this was coming for a long time, the timing and method of the announcement was totally up to Rosenstein on this. There's a lot behind the scenes here, and we'll find out at some point.