Described as “the largest cyber-attack” anywhere in the world, the US government has accused the Iranian regime of hacking 320 universities in 22 countries, including in Europe.

As part of a global cyber-attack, Iranians hackers targeted at least 23 German universities, stealing unpublished research, dissertations, and conference reports, the magazine Der Spiegel reported (link in German) on Friday.

According to the report, the cyber-attacks started in 2014 and can be traced back to the Tehran Mabna Institute, a private company linked to Iran’s powerful Islamic Revolutionary Guard Corps (IRGC). The United States Department of Justice in March 2018 accused nine employees working there of hacking into U.S. universities, companies and state agencies.

“They hacked the computer systems of approximately 320 universities in 22 countries. 144 of the victims are American universities. The defendants stole research that cost the universities approximately $3.4 billion to procure and maintain,” the statement said.

The hackers also allegedly broke into the accounts of employees of U.S. government and non-governmental entities, including the Department of Labor, the Federal Energy Regulatory Commission, the states of Hawaii and Indiana, Indiana’s Department of Education, the United Nations, and the United Nations Children’s Fund.

U.S. officials stressed at the time that the hacking was conducted at the behest of the Iranian regime, and that Mabna Institute functions as a contractor for the Revolutionary Guards. “The IRGC plays a central role in Iran’s maligned activities across the world, including fomenting terrorism,” Sigal Mandelker, the Treasury’s undersecretary for terrorism and financial intelligence, observed last month.

The German Federal Prosecutor’s Office has now launched an investigation into foreign espionage.

“It’s the largest cyber-attack I know of anywhere in the world,” U.S. cybersecurity specialist and ex-FBI man, Crane Hassolder, told the magazine. His company has been investigating the attacks since December. According to Hassolder, the hackers sent a phishing mail to the university mailboxes, where scientists were asked to click on a link.

Despite the ongoing investigation, the expert warned that authorities have so far failed to contain Iran’s malign activities. Hassolder’s company recently discovered 46 new phishing sites in six different countries. “The hackers have not stopped,” he said, “the attack continues.”

Source: The Tower