U.S. blames Iran for hacking dozens of banks, New York dam

March 24, 2016 12:58 PM

The Obama administration on Thursday announced the indictment of seven Iranian hackers for a coordinated campaign of cyber attacks on dozens of U.S. banks and a New York dam from 2011 to 2013, signaling an effort by officials to more publicly confront cyber crime waged on behalf of foreign nations.

The indictment, filed in a federal court in New York City, described the suspects, who live in Iran, as "experienced computer hackers" believed to have been working on behalf of the Iranian government.

The move marks the first time the U.S. government has charged individuals tied to a nation-state with attempting to disrupt critical infrastructure, a vulnerability that security researchers have grown increasingly concerned about in recent months.

Separately, the U.S. Treasury Department blacklisted two Iranian companies on Thursday for supporting Iran's ballistic missile program and also sanctioned two British businessmen it said were helping an airline used by Iran's Revolutionary Guards.

The charged hackers were identified as Ahmad Fathi, Hamid Firoozi, Amin Shokohi, Sadegh Ahmadzadegan, Omid Ghaffarinia, Sina Keissar and Nader Seidi, all citizens and residents of Iran. They are accused of conspiracy to commit computer hacking while employed by two Iran-based computer companies, ITSecTeam and Mersad Company.

Firoozi is additionally charged with obtaining and abetting unauthorized access to a protected computer.

At a news conference announcing the charges, U.S. Attorney General Loretta Lynch said the accused hackers caused tens of millions of dollars in damages in their assault on U.S banks. At least 46 major financial institutions and financial sector companies were targeted, including JPMorgan Chase, Wells Fargo and American Express, according to the indictment. AT&T was also targeted.

The hackers are accused of hitting the banks with distributed denial of service attacks on a near-weekly basis, a relatively unsophisticated tactic that can bring computer networks offline by flooding servers with spammed traffic.

“These attacks were relentless, they were systematic, and they were widespread,” Lynch said.

But the attack on Bowman Avenue Dam in Rye Brook, New York, was especially alarming to investigators, Lynch said, because the intrusion could have posed a serious threat to the security of Americans. A stroke of good fortune prevented the hackers from obtaining operational control of the flood gates because the dam had been manually disconnected for routine maintenance, she said.

The indictment represents the Obama administration's latest attempt to more publicly confront cyber attacks carried out by other countries against the United States.

“An important part of our cybersecurity practice is to identify the actors and to attribute them publicly when we can," Lynch said. "We do this so that they know they cannot hide.”

Though the indictment comes at a time of reduced tensions between the United States and Iran after a landmark 2015 nuclear deal, it is not expected that Iran will allow their extradition to the United States to face charges.

FBI Director James Comey vowed to pursue justice, stating at the conference, "the world is small, and our memory is long."

About the Author