The United States Justice Department on Wednesday said that three Iranian citizens have been charged with ransomware attacks that allegedly targeted power companies, local governments, and small businesses and nonprofits, including a domestic violence shelter.
The suspects are allegedly responsible for more than 100 cyberattacks in the United States and around the world. The individuals reportedly encrypted and stole data from victim networks while threatening to release them publicly or leave them encrypted unless exorbitant ransom payments were made.
Iranian Hackers Indicted
The Biden administration has made efforts to target hackers who have held U.S. targets essentially hostage, often sanctioned or sheltered by adversaries. The threat gained particular prominence in May 2021 after a Russia-based hacker group was believed to have conducted a ransomware attack on Georgia-based Colonial Pipeline.
Over the last year, Iran-based hackers have also been a focus for the U.S., with the FBI thwarting a planned cyberattack on a children's hospital in Boston. The incident would have been carried out by hackers sponsored by the Iranian government, as per the Associated Press.
In a statement on Wednesday, FBI Director Christopher Wray said, "The cyber threat facing our nation is growing more dangerous and complex every day. Today's announcement makes clear the threat is both local and global. It's one we can't ignore and it's one we can't fight on our own, either."
The Iranian hackers were identified in Wednesday's indictment but are not believed to have been working on behalf of their country's government. Instead, they had their own financial gain, and some of their victims were even located in Iran.
According to Politico, the hackers were Mansur Ahmadi, Ahmad Khatibi, and Amir Hossein Nickaein. Groups impacted by the suspects include health care, transportation, and utility companies.
Cyberattacks on American Infrastructures
The District of New Jersey U.S. Attorney's Office was the one that unveiled the charges during a press conference. The victims listed in the indictment include an unnamed township and accounting firm in New Jersey, along with unnamed power companies in Mississippi and Indiana.
Furthermore, the suspects also allegedly targeted a county government in Wyoming, a construction company in Washington, and the Bar Association for a U.S. state. The Justice Department said that several of the victims paid ransoms to Ahmadi, Khatibi, and Nickaein, following the ransomware attacks.
A Justice Department official added that Iranian individuals were still at-large and believed to be in Iran. He also stressed that while the suspect did not carry out the attacks on behalf of the Iranian government, the government allowed the attacks to take place.
The suspects were indicted on four counts, including intentionally damaging protected computers and transmitting ransom demands. At the time that they hacked the New Jersey accounting firm, they taunted the company with ransom demands. At one point, they demanded a payment of $50,000.
Iran's Permanent Mission to the United Nations did not respond immediately for comments regarding the indictment of the three individuals. The attacks are the latest examples of Iran tolerating or conducting reckless behavior in cyberspace that has cost U.S. businesses, government agencies, and NATO allies alike, CNN reported.
Related Article:
