US indicts 7 Iranians in cyber attacks on banks and New York dam 

The US is determined to expose Iranian hackers linked to the Iranian government and who targeted important US assets.

By: AP
Attorney General Loretta Lynch

Attorney General Loretta Lynch. (AP/Jacquelyn Martin)

The US charged seven hackers linked to the Iranian government with executing large-scale coordinated cyberattacks on dozens of banks as well as a dam outside New York City — intrusions that law enforcement officials said reached into America’s infrastructure, disrupted the nation’s financial system and cost tens of millions.

Indictments announced Thursday by the Justice Department show a determination by overseas hackers to cripple vital American interests, officials said, and marked the first time the FBI attributed a breach of a US computer system that controls critical infrastructure to a hacker linked to a foreign government.

The hackers are accused of infecting thousands of people’s computers with malware to create a network of zombie computers they used to overwhelm servers of major institutions to knock them offline. Those included the Bank of America, NASDAQ and the New York Stock Exchange.

“The attacks were relentless, systematic and widespread,” said Attorney General Loretta Lynch. “They threatened our economic well-being and our ability to compete fairly in the global marketplace, both of which are directly linked to our national security.”

Read  Israeli cyber chief: Iranian attacks have tripled since Oct. 7

One of the alleged hackers is accused of repeatedly gaining access to the control system of the Bowman Avenue Dam, a small flood-control structure in Rye Brook, about 20 miles (32 kilometers) north of New York City. Officials termed his access “a frightening frontier on cybercrime,” and said the hacker would have been able to operate a digitally controlled sluice gate, flooding portions of the city of Rye, but the gate had been disconnected for maintenance.

The hacker was still able to gain information about the dam’s operations, including its water level, temperature and the sluice gate.

While that attack did no harm, one official said the hacker obtained knowledge about the computer system that could be used on other dams and infrastructure. The official spoke on condition of anonymity because he wasn’t authorized to speak publicly. Computer systems, such as the one controlling the dam, are considered the backbone or core of modern industries including transportation, energy, oil and gas and manufacturing.

IRGC Involved in the Attacks

The indictments unsealed Thursday stem from intrusions between 2011 and 2013 that officials say targeted 46 victims, disabling bank websites and interfering with customers’ ability to do online banking. The attacks, which occurred sporadically over 176 days, cost the institutions tens of millions of dollars in remediation costs, but no customers lost money or had their personal information stolen.

The accused hackers worked for two Iranian computer companies linked to the Iranian government, including the Islamic Revolutionary Guard Corps (IRGC), the US said. Charges include violating US laws on computer hacking and gaining unauthorized access to a protected computer.

Read  ‘Iran fighting seven-front war on Israel’ – Netanyahu

The seven defendants are Ahmad Fathi, 37; Hamid Firoozi, 34; Amin Shokohi, 25; Sadegh Ahmadzadega, 23; Omid Ghaffarinia, 25; Sina Keissar, 25, and Nader Saedi, 26. Faroozi is charged alone for hacking the dam. Shokohi received credit from the Iranian government toward his mandatory military service for his work in the attacks, the US alleges.

None of the individuals is in American custody and it’s unclear whether they will ever be arrested or if criminal indictments in absentia are effective in combatting such crimes.

The Justice Department in May 2014 indicted five Chinese military officials suspected of hacking into several major American companies, including US Steel and Westinghouse, and stealing trade secrets. None has been brought to the US to face charges.

The Justice Department is determined to remove a cloak of “perceived anonymity” long enjoyed by foreign hackers and has focused on doing so since 2012, said John Carlin, the department’s top national security official.

“We want them looking over their shoulder, both when they travel and when they sit at a keyboard,” said FBI Director James Comey.

The criminal case comes amid warming relations between the US and Iran following last year’s nuclear agreement.

Since rolling back its nuclear program this year, Iran has regained access to some $100 billion in overseas assets and the two countries’ top diplomats have been meeting and discussing global matters at their most intensive level since Iran’s 1979 overthrow of the US-backed shah.

Read  Report: Ultra-Orthodox man arrested for spying on behalf of Iran

Significant tensions remain, however. Iran has conducted several ballistic missile tests in violation of a UN ban, prompting the latest US sanctions against the Islamic Republic on Thursday.