A grand jury in Manhattan found that the seven defendants conducted a series of cyber attacks against civilian targets in the financial world, costing the victims tens of millions of dollars, Lynch said.
Advertisement
In addition, one of the alleged hackers is accused of repeatedly gaining access to the control system of the Bowman Avenue Dam, a small flood-control structure in Rye Brook, about 20 miles north of New York City.
The individuals, none of which are in US custody, were employed by two Iran-based computer companies that completed work for the Iran government, including the Iranian Revolutionary Guards Corps, which is tasked with protecting the nation’s Islamic system.
“The attacks were relentless, systematic and widespread”, Attorney General Loretta Lynch said.
Also in May 2015, head of the Iranian Cyber Police said Iran had foiled a hacking attack on its Ministry of Petroleum, which originated from the US. Hundreds of thousands of Americans were unable to access bank accounts online. The DDoS attacks on U.S. financial institutions were disruptive and costly, but the dam hacking poses a qualitatively different risk of harm. “By calling out the individuals and nations who use cyber attacks to threaten American enterprise, as we have done in this indictment, we will change behavior”.
The United States and Israel allegedly attacked Iran’s nuclear facilities in 2010 with a computer a virus called Stuxnet, although neither government has acknowledged it. “There is no place safe in this increasingly small world”, he said.
Zachary Goldman, executive director of New York University School of Law’s Center on Law and Security told the Washington Post that the indictment “demonstrates a continued commitment to raising the cost of cybercrime and to demonstrating that the USA government can uncover the tradecraft of cybercriminals and attribute their activities with confidence”.
Also this week, the DOJ unsealed criminal complaints against three members of the Syrian Electronic Army for cyber hacks against the USA government and private businesses, and a Chinese national pleaded guilty to participating in a conspiracy to hack into the computer networks of us defense contractors to exfiltrate military information back to the Chinese government. “Malicious control is about getting in to a system and persisting”, Pederson said.
Ted Kattouf, president of the non-profit AMIDEAST and former ambassador to Syria, agreed that additional sanctions against Iran are unlikely because US allies, including those in Europe, have no stomach for them.
That was the case with Su Bin, a Chinese businessman arrested in Canada two years ago and who pleaded guilty Wednesday to hacking USA defense contractors and stealing military information.
At least 46 major financial institutions and financial sector companies were targeted, including JPMorgan Chase (JPM.N), Wells Fargo (WFC.N) and American Express (AXP.N), the indictment said.
Cyber security experts and USA intelligence officials have grown more alarmed in recent months by the possibility of destructive hacks of critical infrastructure such as dams, power plants and factories.
Advertisement
Iran has previously been suspected in hacking attempts.
