U.S. indicts Iranians for cyber-attacks on NY dam and dozens of banks
Not sure how they plan to get their hands on the culprits, but the U.S. has indicted Iranians for cyber-attacks on a dam and dozens of banks. U.S. FBI Director James Comey announced indictments of Iranian hackers for a coordinated campaign of cyber-attacks on a dam and on banks in 2012 and 2013.
Seven Iranian hackers conducted a coordinated campaign of cyber-attacks on dozens of U.S. banks, causing millions of dollars in lost business, and attempted to shut down a New York dam. The indictment for the first time accused individuals tied to another country of trying to disrupt critical infrastructure.
It said the seven accused were believed to have been working on behalf of Iran’s government and the Islamic Revolutionary Guard. Those named live in Iran and the Iranian government is not expected to extradite them. There was no immediate comment from Tehran.
At least 46 major financial institutions and financial sector companies were targeted, including JPMorgan Chase (JPM.N), Wells Fargo (WFC.N) and American Express (AXP.N), the indictment said. AT&T (T.N) also was targeted.
The hackers are accused of hitting the banks with distributed-denial-of-service attacks on a near-weekly basis, a relatively unsophisticated way of knocking computer networks offline by overwhelming them with a flood of spammed traffic.
“These attacks were relentless, they were systematic, and they were widespread,” U.S. Attorney General Loretta Lynch told a Washington news conference. The attack on the Bowman Avenue Dam in Rye Brook, New York, was especially alarming, because it represented a known intrusion on critical infrastructure. A stroke of good fortune prevented the hackers from obtaining operational control of the flood gates because the dam had been manually disconnected for routine maintenance.
The Bowman hack was a “game-changing event” for the U.S. government that prompted investigators to uncover other systems vulnerable to similar attacks, said Andre McGregor, a former FBI agent and a lead case investigator on the dam intrusion.
“The investigation’s discovery of many more exposed computer systems with vulnerable management consoles is a constant reminder that basic cyber hygiene remains at the forefront of the battle against cyber-attacks,” said McGregor, now director of security at Tanium, a Silicon Valley cyber security firm.
“We must step up our counter-hacking game ASAP to deal with threats from places like Iran and would-be terrorists,” said New York Senator Chuck Schumer in a statement.
Cyber security experts and U.S. intelligence officials have grown more alarmed in recent months by the possibility of destructive hacks of critical infrastructure such as dams, power plants and factories. Some have said a December cyber-attack on Ukraine’s energy grid that caused a temporary blackout of 225,000 should serve as a wake-up call.
The hackers were identified as citizens and residents of Iran. They are accused of conspiracy to commit computer hacking while employed by two Iran-based computer companies, ITSecTeam and Mersad Company. Firoozi also is charged with obtaining and abetting unauthorized access to a protected computer. Even though Iran is not expected to extradite the suspects, FBI Director James Comey vowed to pursue justice. “The world is small and our memory is long,” he said at the news conference with Lynch. Dmitri Alperovitch, chief technology officer with cyber security firm CrowdStrike, said, “This sends an important message to Iran and other governments that these people cannot operate anonymously.”