(Cyberwar.news) Charges filed by U.S. authorities against seven Iranian hackers working for computer firms associated with the Iranian government – including the Islamic Revolutionary Guard Corps – make clear there is a clear and present cybersecurity danger to critical American infrastructure, government officials note.
As reported by Homeland Security Today, the group of Iranians has been charged with launching extensive cyberattacks against a small dam outside of New York City, as well as dozens of U.S. financial institutions. The attack raised much concern among U.S. officials about the vulnerability of crucial American infrastructure to foreign cyber assaults.
Charged are Ahmad Fathi, 37; Hamid Firoozi, 34; Amin Shokohi, 25; Sadegh Ahmadzadegan, aka Nitrojen26, 23; Omid Ghaffarinia, aka PLuS, 25; Sina Keissar, 25; and Nader Saedi, aka Turk Server, 26, for allegedly launching a distributed denial of service (DDoS) attack against at least 46 victims – most in the U.S. financial sector – between late 2011 and mid-2013.
The group attempted to disable computer servers of victims in order to prevent them from conducting business, including online banking services. Victim institutions experienced tens of millions of dollars in remediation costs as a result of the DDoS attacks, the indictment says.
“In unsealing this indictment, [the Department of Justice] is sending a powerful message: That we will not allow any individual, group, or nation to sabotage American financial institutions or undermine the integrity of fair competition in the operation of the free market,” said U.S. Attorney General Loretta Lynch.
In addition to the base set of charges, Firoozi is also charged with repeatedly obtaining unauthorized access to the Supervisory Control and Data Acquisition (SCADA) systems of the Bowman Avenue Dam, a small flood control station located in Rye, N.Y., in August and September of 2013.
As Homeland Security Today reported further:
This unauthorized access allowed him to obtain information regarding the status and operation of the dam, including information about the water levels, temperature. and status of the sluice gate, which is responsible for controlling water levels and flow rates. Remediation for the Bowman Dam intrusion cost over $30,000.
“The infiltration of the Bowman Avenue dam represents a frightening new frontier in cybercrime,” said U.S. Attorney Preet Bharara, of the Southern District of New York. “These were no ordinary crimes, but calculated attacks by groups with ties to Iran’s Islamic Revolutionary Guard and designed specifically to harm America and its people. We now live in a world where devastating attacks on our financial system, our infrastructure and our way of life can be launched from anywhere in the world, with a click of a mouse.”
Continuing, Bharara noted, “Confronting these types of cyber-attacks cannot be the job of just law enforcement. The charges announced today should serve as a wake-up call for everyone responsible for the security of our financial markets and for guarding our infrastructure. Our future security depends on heeding this call.”
If convicted all seven face a maximum sentence of 10 years in prison for conspiracy to commit and aid and abet computer hacking. Firoozi will face an additional five years for obtaining and abetting unauthorized access to a protected computer at the Bowman Dam.
Before the indictment was announced, U.S. Sen. Charles Schumer, D-N.Y., called the cyberattack a warning that some nation states now present a clear and present danger to critical infrastructure.
He noted that the Iranians were sending “a shot across our bow,” adding, that “they were saying that we can damage, seriously damage, our critical infrastructure and put the lives and property of people at risk.”
Cyberwar.news is part of the USA Features Media network.