- The Federal Energy Regulatory Commission is among the targets of alleged Iranian hackers indicted by the U.S. Justice Department on Friday.
- Nine members of an Iran-based company stole data from hundreds of universities and dozens of companies around the world, DOJ said, acting in many cases on behalf of Iran's government. The Department of Labor and state governments in Hawaii and Indiana were also targeted.
- DOJ said the hackers stole email accounts of employees at government agencies, but it remains unclear if any sensitive power system information was compromised.
The Department of Justice on Friday revealed that FERC was one target of a wide-ranging operation directed by the Iranian government to steal information from governments and private companies around the world.
DOJ said members of the Mabna Institute, a Tehran-based company, stole more than 31 terabytes of data and intellectual property from universities, as well as "email accounts of employees at private sector companies, government agencies, and non-governmental organizations."
In the U.S., the hacking affected more than 140 universities, 30 companies and five government agencies, Deputy Attorney General Rod Rosenstein said. "For many of these intrusions, the defendants acted at the behest of the Iranian government and, specifically, the Iranian Revolutionary Guard Corps."
At universities, hackers used stolen account credentials to "steal research, and other academic data and documents, including, among other things, academic journals, theses, dissertations, and electronic books."
FERC in an emailed statement said it is working with federal law enforcement authorities, but offered no information about the nature of information stolen.
"As the Commission previously stated, a small number of e-mail accounts were inappropriately accessed," spokesperson Craig Cano said in an email. "The Commission has taken and will continue to develop corrective action to ensure that appropriate controls are operating effectively."
The electric power sector is a prime target for cyberattacks, and earlier this month the federal government revealed that Russian hackers had mounted a prolonged attack on U.S. energy infrastructure. In that case, officials said the hacking objective was likely surveillance, but that such actions could reveal ways to disrupt industrial control systems on the grid.
FERC has in recent months directed companies under its jurisdiction to beef up their cyberattack reporting. In December, the commission approved a rule directing companies to report cyber intrusions whenever an attacker breaches their electronic security perimeter or control and monitoring systems, even if they do not disrupt service.
This post has been updated to reflect comment from FERC.