How Did the 9 Iranian IP Thieves Do It?

So, how sophisticated was the massive theft of IP by the 9 Iranians charged by the U.S. Department of Justice on Friday?

Well, here is a quote from a recent New York Times report, “According to the indictment, the Iranians broke into universities through relatively simple but common means — tricking professors to click on compromised links.”

IP THEFT RESULTS

The IP theft operation reportedly started in 2013 with the following impact:

• 31.5 terabytes of academic data and IP stolen
• $3-4 Billion value to procure data and IP by affected U.S. universities
• 144 U.S. universities
• 176 universities across 21 foreign countries
• Targeted 100,000 professor accounts around the world
• 8,000 professor email accounts in the U.S. alone
• 47 domestic and foreign private sector companies, and
• 5 U.S. government agencies

SPEAR-PHISHING

The New York Times report continued, “The spear-phishing emails purported to be from professors at one university to those at another and contained what appeared to be authentic article links. But once clicked on, the links steered the professors to a malicious Internet domain that led them to believe they’d been logged out of their systems and that asked them to enter their log-in credentials.

“Those credentials were logged and stolen by the hackers, prosecutors say.”[1]

IMPERSONATION

Of course, as investigators, we are all too familiar with this routine fraud strategy: “Impersonation.”

In this case, the IP thieves lured the university professors in by impersonating other professors and institutions.

But the strategy is common: Impersonate the government institution, university, or private company (and persons purporting to represent those entities) by presenting an authentic appearance. And often it simply begins with a bogus email address, which is followed up with a bogus website, which leads to a bogus link, which often leads to giving-up personal identifying data (i.e., passwords) which then gives the thieves access to your IP.

IP PROTECTION MINDFULNESS

Again, we are reminded of the need to raise the mindfulness of personnel whether in universities, private industry, or government institutions of the fundamentals of IP protection.

I wrote about IP protection mindfulness in a previous post titled, “Trade Secrets Protection-Mindfulness” on October 31, 2017.

Here is an excerpt: “HOW DO YOU RAISE THE TRADE SECRETS PROTECTION MINDFULNESS OF YOUR EMPLOYEES? The answer is Training. Just as companies have devoted resources to raising the “mindfulness” to workplace violence and sexual harassment (to minimize their risk to such episodes), companies need to devote resources to “trade secrets protection mindfulness” training.

“THE REALITY Companies, by necessity, need to accept the times we live in and the bad actors out there who will go to extreme lengths to steal their “trade secrets.” Just as we all—in this age of terrorism—have learned to live with exhaustive airport screening to minimize the chance of being attacked, similarly, in this exponentially growing age of IP theft, companies need to accept the critical need to raise the “trade secrets protection mindfulness” of its employees to minimize the risk of their “trade secrets” being stolen.”

CONCLUSION

In this recent episode, the bottom line issue is Online Use Discipline: “If you don’t know the sender, “Don’t Click the Link.”

ALPHABETICAL LISTING OF THE 21 OTHER COUNTRIES AFFECTED:

• Australia
• Canada
• China
• Denmark
• Finland
• Germany
• Ireland
• Israel
• Italy
• Japan
• Malaysia
• Netherlands
• Norway
• Poland
• Singapore
• South Korea
• Spain
• Sweden
• Switzerland
• Turkey
• United Kingdom

ADDITIONAL READING

Nine Iranians Charged With Conducting Massive Cyber Theft Campaign on Behalf of the Islamic Revolutionary Guard Corps, U.S. Department of Justice, Press Release, March 23, 2018 https://www.justice.gov/opa/pr/nine-iranians-charged-conducting-massive-cyber-theft-campaign-behalf-islamic-revolutionary

When Nation-States Hack the Private Sector for Intellectual Property, The Hill, March 31, 2018 http://thehill.com/opinion/technology/380948-when-nation-states-hack-the-private-sector-for-intellectual-property

Nine Iranians Charged in Massive Hacking Scheme, NBC News, March 23, 2018 https://www.nbcnews.com/politics/politics-news/nine-iranians-charged-massive-hacking-scheme-n859471

U.S. Charges 9 Iranians in Massive Hacking Scheme, written by the Associated Press and published in the New York Times, March 24, 2018 https://www.nytimes.com/aponline/2018/03/23/us/politics/ap-us-Iranian-hackers.html

[1] U.S. Charges 9 Iranians in Huge Theft of Intellectual Property, NY Times, March 23, 2018, https://www.nytimes.com/aponline/2018/03/23/us/politics/ap-us-Iranian-hackers.html

Disclaimer: IPPIBlog.com is offered as a service to the professional IP community. While every effort has been made to check information in this blog, we provide no guarantees or warranties, express or implied, with regard to content provided in IPPIBlog.com. We disclaim any and all liability and responsibility for the qualification or accuracy of representations made by the contributors or for any disputes that may arise. It is the responsibility of the readers to independently investigate and verify the credentials of such person and the accuracy and validity of the information provided by them. This blog is provided for general information purposes only and is not intended to provide legal or other professional advice.