US sanctions Iranian hackers for 'stealing university data'

Image source, Reuters
Image caption,
The Mabna Institute is accused of hacking at least 320 universities worldwide

The United States has imposed sanctions on an Iranian company and 10 individuals for alleged cyber attacks, including on hundreds of universities.

The Mabna Institute is accused of stealing 31 terabytes of "valuable intellectual property and data".

The justice department said the firm hacked 320 universities around the world, dozens of companies and parts of the US government.

Nine of the 10 individuals have been indicted separately for related crimes.

The two founders of the Mabna Institute are among those sanctioned and their assets are subject to US seizure, a statement by the US Treasury Department said.

"These defendants are now fugitives of justice," US Deputy Attorney General Rod Rosenstein said at a news conference. Reuters reported he warned that the individuals may face extradition in more than 100 countries if they travel outside of Iran.

The Mabna Institute was established in 2013, and US prosecutors believe it was designed to help Iranian research organisations steal information.

It is accused of carrying out cyber attacks on 144 US universities, and 176 universities in 21 foreign countries, including the UK, Germany, Canada, Israel and Japan.

By targeting the email accounts of more than 100,000 professors worldwide, the hackers compromised about 8,000 of them, according to the justice department.

US authorities described the global conspiracy as one of the largest state-sponsored hacking sprees to be prosecuted.

"The Department of Justice will aggressively investigate and prosecute hostile actors who attempt to profit from America's ideas by infiltrating our computer systems and stealing intellectual property," Mr Rosenstein said, according to news agency AFP.

Many of these "intrusions", Mr Rosenstein said, were done "at the behest of the Iranian government and, specifically, the Iranian Revolutionary Guard Corps".

The hackers also targeted the US Department of Labor, Federal Energy Regulatory Commission and the United Nations, according to prosecutors.