Iran's need to steal intellectual property

The indictment of nine Iranians by the DOJ is one in a long string of incursions by Iran to compromise trusted insiders and steal intellectual property.


The indictment of the nine Iranian hackers for pillaging a wide swath of academia and industry should have sent a chill down the spine of every research and manufacturing entity outside of Iran.

Perhaps the mindset exists that one does not have to protect one’s research because knowledge is meant to be shared. If so, then this is a non-event for you.

But what of everyone else? Was it a matter of not seeing others being affected by cyber theft of intellectual property or thinking it could not happen to you? Were any entities truly surprised? Will any make a course correction?

Whichever camp you fall in, rest assured that as long as sanctions and restrictions on Iran remain, Iran will take steps to circumvent those restrictions in order to effect a technological transfer. And if they need it, your intellectual property is fair game.

How is it that one can be so assured? Because the road before us is littered with examples of Iranian sanction busting.

The past leads us to the future

If we choose to go back approximately 30 years: from 1990 to 1993, six patents were issued to citizens of Iran by the United States Patent Office. Yet the Iranian Interests Section in Washington, D.C., managed to legally copy and preserve the entire corpus of the U.S. patent office. When sanctions are in place, technology research is conducted in a semi-vacuum, and Iran used the patent office as a library of technology.

Slide forward to just one to eight years ago, and the noise factor was quite high when it came to Iran stealing intellectual property. Some examples that shoot off the page at us are:

  • In 2010, The Australian tells us how the ASIO blocked multiple shipments of “military supplies” and industrial pumps that could be used with the Iranian nuclear program.
  • In 2014, Wired published a story about how Iranians were posing as reporters so as to purloin embargoed technologies under the guise of an interview or query. Their social engineering skills were well honed, and their reach was well beyond the United States.
  • In 2016, the Department of Justice (DOJ) indicted seven Iranian government hackers from the Iranian Revolutionary Guard (IRGC). They were accused of penetrating a U.S. infrastructure provider, as well as U.S. banking entities.

The recent DOJ indictments of 9 Iranians

Now look at last week’s DOJ indictment of nine Iranians.

These nine provided Iran a return on investment that would make any intelligence chief smile with pride: “144 U.S. universities, 176 universities across 21 different countries, 47 domestic and foreign private sector companies, the U.S. Department of Labor, the Federal Energy Regulatory Commission, the State of Hawaii, the State of Indiana, the United Nations, and the United Nations Children’s Fund.”

By any measure, they made mincemeat of the infosec protocols of academia, as well as companies large and small, and they found their greatest success with the trusted insider. The DOJ notes how targeted phishing emails were sent to insiders, whose access was compromised. That is to say, 8,000 individual email accounts were compromised via the socially engineered phishing campaign.  

What we can expect from Iran in the future

If we open the 2018 Carnegie Endowment for International Peace study on “Iran’s Cyber Threat, espionage, sabotage and revenge,” we see an entire section dedicated to Iran’s external targets. The targeting serves not only to support the efforts of those engaged in intellectual property theft, but also to silence dissidents and to effectively execute disruptive and destructive cyber attacks.

We can expect that the recent indictments will not be the last, and the chance of Iran not engaging in intellectual property theft is somewhere between slim and none.
