New York, 24 Mar – The Obama administration on Thursday announced the indictment of seven Iranian hackers for a coordinated campaign of cyber attacks on dozens of US banks and a New York dam from 2011 to 2013, signaling an effort by US officials to more publicly confront cyber crime waged on behalf of foreign nations.
The indictment, filed in a federal court in New York City, described the suspects, who live in Iran, as “experienced computer hackers” believed to have been working on behalf of the Iranian government.
The move marks the first time the US government has charged individuals tied to a nation-state with attempting to disrupt critical infrastructure, a vulnerability that security researchers have grown increasingly concerned about in recent months, according to Reuters.
Separately, the US Treasury Department blacklisted two Iranian companies on Thursday for supporting Iran’s ballistic missile program and also sanctioned two British businessmen it said were helping an airline used by Iran’s Revolutionary Guards (IRGC).
The charged hackers were identified as Ahmad Fathi, Hamid Firoozi, Amin Shokohi, Sadegh Ahmadzadegan, Omid Ghaffarinia, Sina Keissar and Nader Seidi, all citizens and residents of Iran. They are accused of conspiracy to commit computer hacking while employed by two Iran-based computer companies, ITSecTeam and Mersad Company.
Firoozi is additionally charged with obtaining and abetting unauthorized access to a protected computer.
At a news conference announcing the charges, US Attorney General Loretta Lynch said the accused hackers caused tens of millions of dollars in damages in their assault on US banks. At least 46 major financial institutions and financial sector companies were targeted, including JPMorgan Chase, Wells Fargo and American Express, according to the indictment. AT&T was also targeted.
The hackers are accused of hitting the banks with distributed denial of service attacks on a near-weekly basis, a relatively unsophisticated tactic that can bring computer networks offline by flooding servers with spammed traffic.
“These attacks were relentless, they were systematic, and they were widespread”, Lynch said.
But the attack on Bowman Avenue Dam in Rye Brook, New York, was especially alarming to investigators, Lynch said, because the intrusion could have posed a serious threat to the security of Americans. A stroke of good fortune prevented the hackers from obtaining operational control of the flood gates because the dam had been manually disconnected for routine maintenance, she said.
The indictment represents the Obama administration’s latest attempt to more publicly confront cyber attacks carried out by other countries against the US.
“An important part of our cybersecurity practice is to identify the actors and to attribute them publicly when we can”, Lynch said. “We do this so that they know they cannot hide”.
Though the indictment comes at a time of reduced tensions between the US and Iran after a landmark 2015 nuclear deal, it is not expected that Iran will allow their extradition to the US to face charges.
FBI Director James Comey vowed to pursue justice, stating at the conference, “the world is small, and our memory is long”.
Based in part on wire reports