Iranian cyberattackers conducted a major operation to hack into “companies involved in aerospace or satellite technology and international government organizations” across the United States and four other countries, according to federal investigators.
“This case highlights the Islamic Revolutionary Guard Corps’s efforts to infiltrate the networks of American companies in search of valuable commercial information and intellectual property,” Assistant Attorney General John Demers said Thursday while unveiling three indictments. “It is yet another effort by a rogue foreign nation to steal the fruits of this country’s hard work and expertise.”
The hackers impersonated American citizens who work in the space industry, using the stolen identities as an online beachhead for launching spear-phishing operations against other individuals in the space industry, Justice Department officials allege.
The new charges, the latest in a flurry of cases involving Iranian cyberattacks, come just two weeks after U.S. officials acknowledged that American space systems are targeted “with concerning regularity” by online attackers.
“The defendants successfully compromised multiple victim networks, resulting in the theft of sensitive commercial information, intellectual property, and personal data from victim companies, including a satellite-tracking company and a satellite voice and data communication company,” the Justice Department alleged.
The indictment of three men in that case coincided with the Treasury Department’s decision to impose sanctions on dozens of Iranians who conducted “a yearslong malware campaign that targeted Iranian dissidents, journalists, and international companies in the travel sector” on behalf of the regime.
“Today’s action is another reminder of the great risk that the Iranian regime poses to international cybersecurity, as well as to the Iranian people who face the continued threat of digital darkness and high-tech silencing,” Secretary of State Mike Pompeo said in hailing those sanctions. “The United States will not relent in our efforts to expose these threats and protect our homeland and our friends and allies.”
Pompeo regards Iran’s satellite program as a cover for the regime’s nuclear weapons program, warning that satellite launch technology is “virtually identical to that used in ballistic missiles.” Justice Department officials didn’t identify the full range of Iranian hacking targets, which they identified as being spread across Australia, Israel, Singapore, and the United Kingdom, in addition to the U.S.
“The defendants targeted thousands of individuals in an attempt to steal critical information related to U.S. aerospace and satellite technology,” the FBI’s James Dawson said in the announcement. “The FBI remains dedicated to protecting the U.S., and we continue to impose risk and consequences on cyber adversaries through our unique authorities, world-class capabilities, and enduring partnerships.”
