USA charges Iran in cyber attacks against banks, NY dam
The indictment alleges that the suspects caused cyber mayhem, including coordinated “distributed denial of service”, or DDoS, attacks – which attempt to overwhelm servers – on U.S. financial institutions.
Those targeted included the New York Stock Exchange, Bank of America, NASDAQ, JPMorgan Chase, Wells Fargo and American Express.
“The attacks were relentless, systematic and widespread”, Attorney General Loretta Lynch said at a briefing Thursday at the Justice Department. He said they used this anonymity “to break our laws through cyber intrusions and to threaten our security and economic well-being…”
Federal investigators say that over the course of several weeks in 2013, one of the Iranian hackers repeatedly gained access to computers controlling key systems of the dam, located 29 miles from Manhattan.
The dam hack, which was previously reported in December, would theoretically have allowed the Iranians to open and close the sluice gate, but at the time of the intrusion it had been manually disconnected for maintenance, the government said.
He was able to access water level and temperature data, as well as the status of the sluice gate, which controls water levels and flow rate.
“Just because they are not here now does not mean we will never get them”, she said. Initially, the DOJ focused on the hacking of a NY dam, but it looks like those efforts were part of a broader plan.
The attacks, which took place between 2011 and 2013, prevented hundreds of thousands of customers from gaining entry to their accounts. The DDoS attacks on United States financial institutions were disruptive and costly, but the dam hacking poses a qualitatively different risk of harm.
“Today we have unsealed an indictment against seven alleged experienced hackers employed by computer security companies working on behalf of the Iranian government, including the Revolutionary Guard Corps,” Lynch said. Faroozi is charged alone for hacking the dam.
The indictments against the Iranian hackers reflect Iran’s growing cybersecurity capabilities, which have been developed since 2009, when massive protests spurred the government to find ways to manipulate its networks, says James Lewis, a cybersecurity researcher at the Center for Strategic and International Studies.
“The message of this case is that we will work together to shrink the world and impose costs on those people so that no matter where they are we will try to reach them and no matter how hard they work to hide their identity and their tradecraft, we will find ways to pierce that shield and identify them”.
Lynch remained optimistic about the chances to bring both Chinese and Iranian hackers to justice in a U.S. courtroom.
The United States and Israel covertly sabotaged Iran’s nuclear programme in 2009 and 2010 with the now-famous Stuxnet computer virus, which destroyed Iranian centrifuges that were enriching uranium.
The Islamic Republic also said that the U.S. is in “no position” to accuse nationals of other countries without providing any evidence.
But the attack alarmed Obama administration officials who have voiced concerns about the vulnerability of US infrastructure to cyberattacks.