U.S. Charges Iranians with Cyberattacks Against Banks, Dam

The indictment charges seven Iranians employed by two Iran-based computer firms sponsored by Iran’s Revolutionary Guard with attacks against 46 com...
Katie Kuehner-HebertMarch 24, 2016

The U.S. government has charged seven Iranians with conducting a coordinated campaign of cyberattacks against U.S. banks and a New York dam on behalf of the Iran government

The U.S. Attorney’s Office in Manhattan announced an indictment charging seven Iranians employed by two Iran-based computer companies,  ITSecTeam and Mersad, which were sponsored by Iran’s Islamic Revolutionary Guard for conducting a coordinated campaign of distributed denial of service (DDoS) attacks against 46 major companies, mainly in the U.S. financial sector, from late 2011 through mid-2013. The Iranians named were Ahmad Fathi, Hamid Firoozi, Amin Shokohi, Sadegh Ahmadzadegan, Omid Ghaffarinia, Sina Keissar, and Nader Seidi

These attacks, which occurred on more than 176 days, disabled bank websites, prevented customers from accessing their accounts online, and collectively cost the banks tens of millions of dollars in remediation costs as they worked to neutralize and mitigate the attacks on their servers, according to the U.S. Attorney’s office.

Drive Business Strategy and Growth

Drive Business Strategy and Growth

Learn how NetSuite Financial Management allows you to quickly and easily model what-if scenarios and generate reports.

In addition, one of the individuals, Firoozi, is charged with obtaining unauthorized access to the computer systems of the Bowman Dam in Rye, N.Y., in August and September of 2013.

“In unsealing this indictment, the Department of Justice is sending a powerful message: that we will not allow any individual, group, or nation to sabotage American financial institutions or undermine the integrity of fair competition in the operation of the free market,” U.S. Attorney General Loretta E. Lynch said in a press release.

Zachary Goldman, executive director of New York University School of Law’s Center on Law and Security told the Washington Post that the indictment “demonstrates a continued commitment to raising the cost of cybercrime and to demonstrating that the U.S. government can uncover the tradecraft of cybercriminals and attribute their activities with confidence.”

“It also reinforces the U.S. government’s commitment to using every tool available to counter Iran’s destructive activities notwithstanding the nuclear deal,” Goldman added.

Iran has been suspected by analysts and lawmakers of conducting the cyberattacks in response to increasingly strong economic sanctions imposed on Iran by the United States and Europe for its nuclear program, according to the Post. In July, the U.S. and Iran, along with other governments, signed a nuclear accord which lifted the sanctions.

The indictment against the Iranian hackers could ease the way for economic sanctions to be imposed on the individuals, a punishment authorized last April by an executive order signed by President Obama, some administration officials told the newspaper.