Today (March 23) the US indicted nine employees of the Mabna Institute based in Iran for a global hacking campaign targeting universities, including in the UK.
Foreign Office Minister for Cyber, Lord Tariq Ahmad of Wimbledon said:
“The UK Government judges that the Mabna Institute based in Iran was responsible for a hacking campaign targeting universities around the world. By stealing intellectual property from universities, these hackers attempted to make money and gain technological advantage at our expense.
"We welcome the US indictments. It demonstrates our willingness and ability to respond collectively to cyber-attacks using all levers at our disposal. The focus on universities is a timely reminder that all organisations are potential targets and need to constantly strive for the best possible cyber security.”
Today’s action is a further step demonstrating that malicious cyber activity will not go unpunished. Mabna Institute employees can no longer travel freely, curtailing their career prospects outside of Iran.
Notes for editors
The UK’s National Cyber Security Centre assesses with high confidence that the Mabna Institute are almost certainly responsible for a multi-year Computer Network Exploitation (CNE) campaign targeting universities in the UK, the US, as well as other Western nations, primarily for the purposes of intellectual property (IP) theft.
Today’s action comes after US law enforcement indicted other employees of the Mabna Institute in November 2017 for the hack and leak operation against TV company HBO.
The NCSC has guidance on how organisations can protect themselves in cyberspace, including the 10 steps to cyber security.