U.S. charges Iranians for cyberattacks on banks, dam

Story highlights

  • U.S. authorities issued Thursday "wanted" notices for a group of Iranian hackers
  • The criminal indictment against seven Iran-based hackers was announced during a news conference

Washington (CNN)U.S. authorities issued "wanted" notices for a group of Iranian hackers the U.S. believes are behind a 2013 computer intrusion of a small New York dam and a series of cyberattacks on dozens of U.S. banks, Attorney General Loretta Lynch and FBI Director James Comey announced Thursday.

The Justice Department made the announcement of a criminal indictment against seven Iran-based hackers during a news conference Thursday.
"A federal grand jury in Manhattan found that these seven individuals conspired together and with others to conduct a series of cyberattacks against civilian targets in the United States financial service industry, that in total or in all, in sum cost the victims tens of millions of dollars," Lynch said.
    CNN first reported earlier this month the U.S. government's plan to "name and shame" the cyberattackers. Investigators believe the hackers were contracted by the Iranian government, according to U.S. officials close to the investigation.
    On January 21, 2016, a grand jury in the Southern District of New York indicted seven Iranian nationals for their involvement in conspiracies to conduct a coordinated campaign of distributed denial of service ("DDoS") attacks against the United States financial sector and other United States companies from 2011 through 2013.  Each defendant was a manager or employee of ITSecTeam or Mersad, private security computer companies based in the Islamic Republic of Iran that performed work on behalf of the Iranian Government, including the Islamic Revolutionary Guard Corps.
    It's only the third such public announcement, part of a strategy shift in recent years intended to discourage foreign government's from conducting cyberintrusions on U.S. government and corporate computer systems. The U.S. has publicly attributed cyberattacks on large U.S. industrial companies to Chinese military hackers and to North Korea for the Sony Pictures Entertainment.
    The Iranian hackers targeted financial institutions in 2013 and 2014 with denial-of-service and other attacks. JP Morgan, Wells Fargo and dozens of other banks were victims of the group, U.S. investigators found.
    The 2013 intrusion at the Bowman Avenue Dam, about 30 miles north of New York City in suburban Rye Brook, New York, wasn't considered sophisticated -- the hackers managed only to get access to some back office systems, not the operational systems of the dam, U.S. officials say. U.S. investigators quickly determined the attack was carried out by hackers working for the Iranian government.
    But the attack alarmed Obama administration officials who have voiced concerns about the vulnerability of U.S. infrastructure to cyberattacks.