The U.S. Department of Justice announced Thursday it has indicted seven people affiliated with the Iranian government suspected of cybercrimes against American critical infrastructure. The seven have been blamed for a breach of the computer systems on a small dam in upstate New York as well as a number of incidents against banks and financial institutions.
“The attacks were relentless, systematic and widespread,” U.S. Attorney General Loretta Lynch said in a statement upon unsealing the indictment. “They threatened our economic well-being and our ability to compete fairly in the global marketplace — both of which are directly linked to our national security. And we believe that they were conducted with the sole purpose of undermining the targeted companies and damaging the online operation of America’s free market.”
Lynch, who was joined by FBI Director James Comey, added that the Islamic Revolutionary Guard Corps, a branch of Iran’s armed forces, was involved in the attacks, which cost victims tens of millions of dollars. The attacks were primarily distributed denial-of-service attacks — a method whereby websites and networks are overloaded with traffic and forced offline — on 46 financial institutions (including JPMorgan Chase and Wells Fargo) over 176 days between late 2011 and mid-2013. In another 2013 attack, which targeted the Bowman Avenue dam in Rye, New York, roughly 30 miles north of New York City, the suspect obtained illegal access to the facility’s control systems.
“At the time of this alleged intrusion, the dam was undergoing maintenance and had been disconnected from the system,” Lynch said. “But for that fact, that access would have given him the ability to control water levels and flow rates — an outcome that could have posed a clear danger to the public health and safety of Americans.”
The defendants are Ahmad Fathi, Hamid Firoozi, Amin Shokohi, Sadegh Ahmadzadegan, Omid Ghaffarinia, Sina Keissar and Nader Saedi. They all work for Iranian computer companies that receive funding from the Islamic Revolutionary Guard Corps, the Justice Department said. Firoozi is the prime suspect in the dam hack.
The indictment is a rare example of the U.S. government publicly pointing the finger at hackers believed to be responsible for international cyber operations. It’s part of the so-called name-and-shame campaign the Obama administration launched to identify cyber adversaries located in countries without extradition agreements with the U.S. In May 2014, the government posted the mug shots of five suspected Chinese military hackers accused of an eight-year espionage campaign. Since then, U.S. authorities have also blamed the North Korean government for the data breach that devastated Sony Pictures in 2014.