03/28/2018

FBI Indicts Nine Iranians in a Massive Scheme Targeting Academic Credentials

The scheme sought to capture credentials and materials from 47 U.S.-based and foreign private sector companies

At a press conference on Friday last week, the U.S. Federal Bureau of Investigation (FBI) unsealed indictments of nine Iranian citizens. This sentence is an odd way to start a Scholarly Kitchen post, admittedly. What makes this case interesting to the scholarly community is what these men were indicted for: the bulk theft of intellectual property from academic institutions in a brazen scheme to gather and redistribute scholarly content. The indictments outline a multi-year effort launched in approximately 2013, by the Mabna Institute, a company based in Tehran, to assist Iranian universities and scientific and research organizations in stealing access to non-Iranian scientific resources. The indictment press release describes the alleged efforts whereby:

“…the Mabna Institute, through the activities of the defendants, targeted more than 100,000 accounts of professors around the world. They successfully compromised approximately 8,000 professor email accounts across 144 U.S.-based universities, and 176 universities located in 21 foreign countries.”

In addition, the scheme sought to capture credentials and materials from 47 U.S.-based and foreign private sector companies, the U.S. Department of Labor, the Federal Energy Regulatory Commission, the State of Hawaii, the State of Indiana, the United Nations, and the United Nations Children’s Fund. The indictment alleges a complex and architected effort targeting all domains of research, including science and technology, engineering, social sciences, medicine, and other professional fields. The defendants allegedly conducted reconnaissance of targets to determine individuals’ research interests and where they had published articles. Based on that background information, posing as colleagues from other institutions, the team sent phishing e-mails to their targets. Once compromised credentials were collected they were then used to access and copy materials, including scholarly journals, theses and dissertations, and electronic books for further distribution. Credentials were allegedly then also resold for others to access the compromised institution’s systems.

Please select this link to read the complete article from The Scholarly Kitchen.