Nine Iranians accused of cyber-swiping 30TB+ of blueprints from unis, biz on Tehran's orders

The US Department of Justice and Department of the Treasury on Friday charged nine Iranians with carrying out a series of internet attacks on more than 300 universities and 47 companies in the US and abroad, as well as federal and state agencies and the United Nations. The defendants were involved in various capacities with …

  1. Mark 85 Silver badge

    The sternly worded announcement again.

    Yep... we see it but do the unis? Being spear-phishing, how do you stop people, in this case professors, from clicking on them?

    From what I know of professors, their ego won't let them not click on such an email as described.

  2. Anonymous Coward

    Evidence?

    Are we to be presented with any evidence this time, or do we have to accept on faith the agencies are telling us the truth?

    This sounds like a precursor to war. The NK thing seems to have settled through the brilliant diplomacy of SK's President Moon, so the hawks are going for another old enemy which is manageable.

  3. Destroy All Monsters Silver badge
    Devil

    Re: Evidence?

    With Pompeo and Bolton, the probability of war is about 80% I would say.

    But maybe the generals will revolt.

  4. Ledswinger Silver badge

    Re: Evidence?

    "This sounds like a precursor to war."

    I doubt it. The Iranians are clever and cunning, and whilst the US/Saudi/Israeli alliance would win a war through both technology and strength of numbers, there's a considerable risk that the Iranians' home-grown missiles and asymmetric tactics could inflict material destruction on globally important oil and gas facilities, as well as risking inflicting embarrassing damage on the US 5th fleet from Iran's asymmetric naval warfare tactics. Moreover, much as the US love the idea of regime change, it hasn't been a compelling success in Afghanistan, Iraq, Syria, or Libya.

    A full blown war creates new risks that China or Russia might choose to intervene or supply weapons, which both have been talked about but (as far as we know) not yet done. Given that Russia is an energy exporter, a good, destructive war in the Gulf would actually be in Russia's strategic and economic interest. China is an energy importer, and wouldn't want a destructive war in the Gulf, but could have an interest in arming and assisting Iran who would then be obliged to supply as much gas as China wanted to buy.

    So rather than a precursor to war, this court case and public accusation is part of the endless tit-for-tat intended to keep the pressure on by both sides. The US believes Iran is aiding fighters in Afghanistan, this court case creates a very modest amount of difficulty for Iran, but continues to paint Iran as the aggressor in the mind of the US public, and thus justify further arms sales to the GCC countries, continued free issue of arms to Israel, and all the rest. In this context, it doesn't matter whether the hacking actually happened at all, what if anything was taken, nor even which country did it (eg a false flag attack). And for Iran, if they did do it, it is a message that says "we're still here, we're not going away, and we're not frightened of Uncle Sam".

  5. Anonymous Coward

    Do as I say ...

    "... we reinforce a norm that most of the civilized world accepts: nation-states should not steal intellectual property for the purpose of giving domestic industries a competitive advantage,"

    Isn't that exactly how the US became an industrial power in the 19th and early 20th centuries?

    By stealing European IP (and still does to some extent, e.g. see the theft of Airbus IP by American intelligence).

  6. Brian Miller Silver badge
    FAIL

    Encryption, anyone?

    A little while back, I received a letter from a local university. The letter stated that a safe had been cracked, and a hard drive had been stolen. I was receiving this letter because the drive had my SSN! Did I attend the university? No. Did I ever consent to them possessing my data? No. But there it was, pilfered from a safe. Of course they offered me credit monitoring for a year with a known (and worthless) agency.

    But if they, and the other universities, had used encryption, it wouldn't have mattered!

    Unless they thought encryption consisted of ROT13...

  7. Amos1

    Re: Encryption, anyone?

    No, no. Clearly they used ROT26 encryption.

  8. Duncan Macdonald Silver badge

    Low value research

    If 30+TB of data cost $3.4B this implies a cost of about $1 per kB - not exactly high value. It will probably cost Iran more to read the data than it cost the universities to produce it!!!

  9. Tim Worstal

    Re: Low value research

    "If 30+TB of data cost $3.4B this implies a cost of about $1 per kB"

    That's the DoJ lying through their teeth.

    Their claim is that the US universities paid about $3.4 billion for the information. Most of which was actually subscriptions to academic journals, the papers from which the Iranians downloaded.

    Loss to the universities, zero. They've still got all the information they started with, still got their subscriptions and haven't paid any more for them.

    Loss to the publishers like Elsevier - not, clearly, the nominal cost of the downloaded papers. But rather the loss of revenue from those papers which would have been paid for in the absence of the data theft. Obviously, some sort of sum there but it's not $3.4 billion. Tending towards $0 would be my best guess.

  10. Ledswinger Silver badge

    Re: Low value research

    "Obviously, some sort of sum there but it's not $3.4 billion."

    Whilst I'm sure that the value is a made up number, it doesn't mean that the cost of the research was tending to nil. If you were hacking universities, I'll wager you wouldn't waste time going for the published stuff, since that can be easily purchased for less than the cost of maintaining a competent hacking team, or simply picked up from tame contacts who have access to the journals already.

    You'd be after the stuff that hasn't been, and never will be published - contract research for business or government, and you'd be very specific about the particular fields of that research. In the case of Iran, I'd guess they were very interested in cyber security, military & aerospace, nuclear technology, along with civil infrastructure, and all areas that are affected by sanctions, for example dry-climate agriculture, power engineering, automotive, industrial productivity, economic and commercial management (to alleviate food and goods price pressure, and create jobs for the large youth population).

  11. Tim Worstal

    Re: Low value research

    Take your point, yes, but that's not what is being alleged.

    https://www.justice.gov/opa/pr/nine-iranians-charged-conducting-massive-cyber-theft-campaign-behalf-islamic-revolutionary

    "The members of the conspiracy used stolen account credentials to obtain unauthorized access to victim professor accounts, which they used to steal research, and other academic data and documents, including, among other things, academic journals, theses, dissertations, and electronic books. The defendants targeted data across all fields of research and academic disciplines, including science and technology, engineering, social sciences, medical, and other professional fields."

    I do read that as breaching the academic publishing paywalls more than anything else.

  12. Ledswinger Silver badge

    Re: Low value research

    "I do read that as breaching the academic publishing paywalls more than anything else."

    Fair enough, 'tis what it said. I'd still imagine the value is the "among other things" that the hackers were after, rather than piggy-backing on somebody's HBR subscription, but the US authorities aren't going to admit it if the hackers had copied (eg) the F35 control software, US civil infrastructure plans, or top level research on naval railguns and lasers.

  13. Christoph Silver badge

    If the Universities were hacked over the Internet, just how did the US authorities identify who was at the keyboard in another country doing the hacking? And if this ever comes to court how will they prove it to the satisfaction of a jury?

    Oh no, of course - this will be one of those secret trials where there's no jury and the defendants don't get to see the evidence against them.

  14. Ledswinger Silver badge

    "just how did the US authorities identify who was at the keyboard in another country doing the hacking?"

    Doesn't matter, because the US don't expect to get their hands on them. Assuming there was the reported cyber attack, these people may not be the hackers. They may be the managers/officers of a hacking unit, who would be higher value targets than a few replaceable black hat nerds. Or they may even be wholly unassociated with hacking, but of political, technical or military importance - by charging them, the US has put an extensive travel ban in place that it couldn't otherwise achieve on a global scale, but if the "names" are important in the ways suggested, they're hardly going to try and challenge the US government's arrest warrant in court to prove their innocence, are they?

    Doesn't matter whether they did the crime they're charged with, the arrest warrant just becomes a means of restricting their mobility, and their ability to communicate or conduct business with any Western-aligned country.

  15. Anonymous Coward

    Pot meet Kettle.

    > we reinforce a norm that most of the civilized world.....

    Let's see

    Stuxnet

    Eternal Blue

    Angela Merkel mobile hacking

    Gemalto hack

    These are just the ones I can think of.

    Reporter to Gandhi: What do you think of Western civilisation?

    Gandhi: I think it would be a good idea...

  16. Amos1

    Has any other country indicted or charged USA government hackers yet?

    Yet another occupational hazard. You can no longer travel to a country that has an extradition treaty with the charging country. Travel to Istanbul and get extradited to Russia. Or travel to Italy and get the "extraordinary rendition" treatment that Russia learned from the USA.

  17. Anonymous Coward

    How convenient

    Especially since Trump and Israel want to start a war with Iran. The US has a history of pilfering stuff from other countries via the NSA and they want us to trust them with their word that Iran is guilty. Remember that the USA is the same country that went to war against Iraq despite the UN Weapons inspector Hans Blix categorically saying that there was no evidence of weapons of mass destruction. How much more fabricated "evidence" do they want to create in order to start a war?

  18. Anonymous Coward

    It's sad when innocent persons anywhere find themselves a victim in a "game" between government agencies without regard to law or morality. At least they didn't kill anyone like the Israelis do - I doubt they'll ever be brought to justice. Where will it all end?

  19. Gordon Pryra

    Load of hogwash

    In my experience with Universities and academic data, anything of any real value is held on the desktop hosted on a crappy external USB hard drive.

    It would have cost the hackers more on bandwidth charges to get 34 TB out of the average internet connections universities allow their workers than it would to licence anything patent worthy legally.

  20. rmason Silver badge

    HINT:

    "They would collect names and email addresses for employees and then try lists of commonly used passwords. The indictment does not reveal how many accounts were compromised in this way."

    The answer to this will be "a lot".

    Doesn't matter if you're dealing with professors, professionals or random Joe Public, you'll still find a staggering amount of common passwords in use.
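
The technique quoted in the last comment, trying a short list of common passwords against many collected accounts, leaves a recognisable pattern in authentication logs: one source failing against many distinct usernames in a short time. The following is an added example, not part of the original thread or the article; the log format, field names and thresholds are assumptions, and the log lines are constructed.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log: "timestamp source_ip username result" (not real data).
SAMPLE_LOG = """\
2018-03-23T09:00:01 203.0.113.7 a.smith FAIL
2018-03-23T09:00:05 203.0.113.7 b.jones FAIL
2018-03-23T09:00:09 203.0.113.7 c.wu FAIL
2018-03-23T09:00:14 203.0.113.7 d.patel FAIL
2018-03-23T09:00:18 203.0.113.7 e.garcia OK
2018-03-23T09:01:00 198.51.100.20 f.lee FAIL
2018-03-23T09:01:10 198.51.100.20 f.lee FAIL
2018-03-23T09:01:20 198.51.100.20 f.lee FAIL
2018-03-23T09:01:30 198.51.100.20 f.lee FAIL
2018-03-23T09:01:40 198.51.100.20 f.lee OK
"""

def parse(log):
    """Yield (timestamp, source_ip, username, result) from the assumed format."""
    for line in log.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue  # skip malformed lines
        ts, ip, user, result = parts
        yield datetime.fromisoformat(ts), ip, user, result

def detect_spray(log, min_accounts=4, window=timedelta(minutes=10)):
    """Flag sources whose failed logins hit >= min_accounts distinct
    accounts within `window`. Thresholds are illustrative assumptions."""
    events = defaultdict(list)
    for ts, ip, user, result in parse(log):
        events[ip].append((ts, user, result))
    findings = {}
    for ip, evs in events.items():
        evs.sort()
        fails = [(ts, u) for ts, u, r in evs if r == "FAIL"]
        for i, (start, _) in enumerate(fails):
            targeted = {u for ts, u in fails[i:] if ts - start <= window}
            if len(targeted) >= min_accounts:
                # A success from the same source after the spray began
                # marks an account that needs a reset and a session review.
                hits = sorted({u for ts, u, r in evs
                               if r == "OK" and ts >= start})
                findings[ip] = {"accounts": sorted(targeted),
                                "compromised": hits}
                break
    return findings
```

Repeated failures against a single account (the second source in the sample) are deliberately not flagged here; that is the pattern per-account lockout already handles, whereas a spray stays under the lockout threshold on every account.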
