Modern field guide to security and privacy

Justice Department indicts seven Iranians for campaign of cyberattacks

The Justice Department indictment against Iranians for attacking banks and hacking into a New York dam is just the second time the US government has named foreigners in an indictment involving computer crimes against US businesses. 

Jonathan Ernst/Reuters
FBI Director James Comey at a news conference to announce indictments on Iranians for a coordinated campaign of cyberattacks in 2012 and 2013.

In a rare sweeping indictment against alleged foreign hackers, the Justice Department on Thursday charged seven Iranians for breaking into the computer network of a small New York dam and for digital attacks against more than 40 US banks. 

The indictment unveiled by US Attorney General Loretta Lynch charges the Iranians in a campaign of distributed denial of service, or DDoS, attacks that targeted 46 American companies between 2011 and 2013. Additionally, the indictment names one of the alleged hackers for a 2013 attack on a small dam in upstate New York. 

"The attacks were relentless, systematic, and widespread," Ms. Lynch said in a press conference Thursday. "We believe that they were conducted with the sole purpose of undermining the targeted companies and damaging the online operation of America’s free market."

The DDoS attacks struck at the heart of the US financial system – affecting banks such as JP Morgan and Bank of America, as well as the New York Stock Exchange and Nasdaq. Justice officials said the attacks cut off hundreds of thousands of customers from their bank accounts and they suspect the hackers – who the government says worked for Iranian tech companies – conducted the attacks with the consent and knowledge of Iran's powerful Islamic Revolutionary Guard Corps.

Thursday’s announcement is just the second time the US government has charged foreigners with computer crimes against US entities and the first such charges that involve attacks on US critical infrastructure. In 2014, the Justice Department indicted five Chinese nationals associated with China’s People’s Liberation Army for allegedly breaching US companies.

FBI Director James Comey said the fact that the US is reaching across borders to pursue computer crimes could deter similar attacks in the future. "There is no place safe in this increasingly small world," he said.

The Manhattan US Attorney's Office charged each of the seven hackers with conspiring to commit, aid, and abet computer hacking for their roles in the denial-of-service attacks against US companies. The charges carry a maximum 10-year prison sentence. Hamid Firoozi, who the government has charged with breaking into the New York dam, faces an additional count of computer hacking.

If the government's previous charges against foreigners in computer crimes cases are any indication, it's unlikely the Iranian government will extradite the suspected hackers to face the charges in US courts. The five Chinese nationals from the 2014 indictment have not appeared in US court.

Justice Department officials refused to comment on how they identified the alleged Iranian hackers.

"It’s great police work, great intelligence to get down to this level," said Jason Healey, a cybersecurity expert and senior research scholar at Columbia University's School of International and Public Affairs.

But, said Mr. Healey, the government isn't just going after a few individuals with this case; it is sending a message to Iran that the US won't tolerate a growing number of cyberattacks originating from the Islamic Republic. "The US is trying to make a full case for dropping the threshold and trying to cool down cyberconflict quite a bit."

Still, other experts worry that bringing criminal charges against suspected hackers may compel other nations to pursue charges against the US over digital espionage or other activities in cyberspace. "If foreign governments actually take our lead, we would start to see US military and intelligence professionals on [wanted] posters in China, Russia, Iran and other places," said Robert M. Lee, chief executive of the security firm Dragos Security and a former US Air Force cyber officer. "That is something we should seriously want to avoid."

What's more, said Mr. Lee, the government should be more transparent when it comes to explaining how it pinpointed the individuals named in the indictment. An expert in industrial control systems, Lee doubts the government's claim that Mr. Firoozi, who the government charged for the attack on the Bowman Avenue Dam in Rye, N.Y., penetrated the facility's control systems, allowing him to manipulate water levels at the facility. Lee said the dam did not have those systems in place.

Rep. Adam Schiff (D) of California, the House Intelligence Committee's ranking member, said the charges "should serve as a strong message to all hackers, whether criminals or nation states, that their anonymity is not guaranteed online."

The charges come on the heels of major developments in two Justice Department hacking cases this week. On Wednesday, Chinese businessman Su Bin pleaded guilty to siphoning sensitive military data from US defense contractors and sending it to China – including plans for fighter jets and US Air Force cargo planes. Also, the agency charged three members of the Syrian Electronic Army – a pro-government hacking group – for engaging in spear-phishing, extortion, and hijacking the Associated Press Twitter account and the US Army’s website.

 
