3 Iranian citizens charged in broad hacking campaign in US

Sep 13, 2022, 8:05 PM | Updated: Sep 15, 2022, 7:23 am
FILE - An American flag flies outside the Department of Justice in Washington, March 22, 2019. The ...

FILE - An American flag flies outside the Department of Justice in Washington, March 22, 2019. The Justice Department says three Iranian citizens have been charged in the United States with cyberattacks that targeted power companies, local governments and small businesses and nonprofits, including a domestic violence shelter. (AP Photo/Andrew Harnik, File)

(AP Photo/Andrew Harnik, File)

WASHINGTON (AP) — The Justice Department said Wednesday that three Iranian citizens have been charged in the United States with ransomware attacks that targeted power companies, local governments and small businesses and nonprofits, including a domestic violence shelter.

The charges accuse the hacking suspects of targeting hundreds of entities in the U.S. and around the world, encrypting and stealing data from victim networks, and threatening to release it publicly or leave it encrypted unless exorbitant ransom payments were made. In some cases, the victims made those payments, the department said.

The Biden administration has tried to go after hackers who have held U.S. targets essentially hostage, often sanctioned or sheltered by adversaries. The threat gained particular prominence in May 2021 when a Russia-based hacker group was accused of conducting a ransomware attack on Georgia-based Colonial Pipeline, which disrupted gas supplies along the East Coast.

Iran-based hackers have also been a focus over the last year, with the FBI thwarting a planned cyberattack on a children’s hospital in Boston that was to have been carried out by hackers sponsored by the Iranian government.

“The cyber threat facing our nation is growing more dangerous and complex every day,” FBI Director Christopher Wray said in a statement accompanying the indictment unsealed Wednesday. “Today’s announcement makes clear the threat is both local and global. It’s one we can’t ignore and it’s one we can’t fight on our own, either.”

The hackers named in Wednesday’s indictment are not believed to have been working on behalf of the Iranian government but instead for their own financial gain, and some of the victims were even in Iran, according to a senior Justice Department official who briefed reporters on the case on the condition of anonymity under ground rules set by the department.

But the official said the activity, even if not directed by the Iranian government, exists because the regime permits hackers to largely operate with impunity.

In a related action Wednesday, the Treasury Department’s Office of Foreign Assets Control sanctioned 10 individuals and two entities affiliated with Iran’s Islamic Revolutionary Guard Corps who it says have been involved in malicious cyber activities, including ransomware. The Treasury Department identified the three defendants in the Justice Department case as employees of technology firms it says is affiliated with the Revolutionary Guard.

John Hultquist, vice president for threat intelligence at the cybersecurity firm Mandiant, said his team has been tracking the Iranian actors for some time and assessed they are contractors for the Revolutionary Guard who have been moonlighting as criminal hackers. He said they are especially dangerous because “any access they gain could be served up for espionage or disruptive purposes.

The actions come amid an apparent stalemate in talks between the U.S. and Iran over the possible revival of a 2015 nuclear deal. Israel and some U.S. lawmakers of both parties are pushing the Biden administration to get tougher on Iran, calling the negotiations on Iran’s nuclear program a failure.

The three accused hackers are thought to be in Iran and have not been arrested, but the Justice Department official said the pending charges make it “functionally impossible” for them to leave the country.

The case was filed in federal court in New Jersey, where a municipality and an accounting firm were among the victims.

The alleged hacking took place between October 2020 through last month, when the indictment was issued under seal. The three defendants — identified as Mansour Ahmadi, Ahmad Khatibi Aghda and Amir Hossein Nickaein Ravari — are accused of exploiting known or publicly disclosed vulnerabilities in software applications to break into the victims’ computer networks.

Prosecutors say the victims were seen by the defendants as targets of opportunities.

They included a domestic violence shelter in Pennsylvania, which the indictment says was extorted out of $13,000 to recover its hacked data; electric utilities in Indiana and Mississippi; a county government in Wyoming; and a construction company in Washington state.

___

Associated Press writers Fatima Hussein and Ellen Knickmeyer in Washington and Frank Bajak in Boston contributed to this report.

___

Follow Eric Tucker on Twitter at http://www.twitter.com/etuckerAP.

Copyright © The Associated Press. All rights reserved. This material may not be published, broadcast, rewritten or redistributed.

AP

A model of the house where a precision counterterrorism operation killed al-Qaida's leader Ayman al...
Associated Press

CIA unveils model of al-Qaida leader al-Zawahri’s hideout

MCLEAN, Virginia (AP) — The CIA revealed on Saturday the model of a safe house used to brief President Joe Biden about the whereabouts of al-Qaida leader Ayman al-Zawahri before it killed him in a drone strike in Afghanistan. Shortly after al-Zawahri’s death, White House officials released a photo showing Biden talking to CIA Director […]
15 hours ago
Associated Press

Opposition leads in 1st round of Czech Senate election

PRAGUE (AP) — The major opposition party in the Czech Republic appeared to be leading Saturday in the first round of elections for one-third of the seats in Parliament’s upper house, the Senate. With ballots from more than 95% of ballot stations counted, the centrist ANO movement led by former Prime Minister Andrej Babis had […]
15 hours ago
Arizona Secretary of State Latie Hobbs, left, the Democratic nominee for governor, and Kris Mayes, ...
Associated Press

GOP quiet as Arizona Democrats condemn abortion ruling

PHOENIX (AP) — Arizona Democrats vowed Saturday to fight for women’s rights after a court reinstated a law first enacted during the Civil War that bans abortion in nearly all circumstances, looking to capitalize on an issue they hope will have a major impact on the midterm elections. Republican candidates were silent a day after […]
15 hours ago
Andy Huynh, left, and Alex Drueke, far right, are seen hugging their loved ones after arriving at B...
Associated Press

‘We got our miracle’: Freed Americans back home in Alabama

BIRMINGHAM, Ala. (AP) — Two U.S. military veterans who disappeared three months ago while fighting with Ukrainian forces against Russia arrived home to Alabama on Saturday, greeted by hugs, cheers and tears of joy at the state’s main airport. Alex Drueke, 40, and Andy Huynh, 27, had gone missing June 9 in the Kharkiv region […]
15 hours ago
Foreign Minister of India Subrahmanyam Jaishankar addresses the 77th session of the United Nations ...
Associated Press

India stays neutral on Ukraine war, previews G-20 term at UN

UNITED NATIONS (AP) — India’s foreign minister laid out the country’s plans for its turn at the G-20 presidency during his speech Saturday in front of the U.N. General Assembly. India assumes the mantle of the consortium of leading developed and developing nations in December. Subramanyam Jaishankar said India’s approach would be “based on principles […]
15 hours ago
Environmental Protection Agency Administrator Michael Regan announces a new federal office of envir...
Associated Press

Biden administration launches environmental justice office

WARRENTON, N.C. (AP) — President Joe Biden’s top environment official visited what is widely considered the birthplace of the environmental justice movement Saturday to unveil a national office that will distribute $3 billion in block grants to underserved communities burdened by pollution. Forty years after a predominantly Black community in Warren County, North Carolina, rallied […]
15 hours ago

Sponsored Articles

Anacortes Christmas Tree...

Come one, come all! Food, Drink, and Coastal Christmas – Anacortes has it all!

Come celebrate Anacortes’ 11th annual Bier on the Pier! Bier on the Pier takes place on October 7th and 8th and features local ciders, food trucks and live music - not to mention the beautiful views of the Guemes Channel and backdrop of downtown Anacortes.
Swedish Cyberknife Treatment...

The revolutionary treatment of Swedish CyberKnife provides better quality of life for majority of patients

There are a wide variety of treatments options available for men with prostate cancer. One of the most technologically advanced treatment options in the Pacific Northwest is Stereotactic Body Radiation Therapy using the CyberKnife platform at Swedish Medical Center.
Work at Zum Services...

Seattle Public Schools announces three-year contract with Zum

Seattle Public Schools just announced a three-year contract with a brand-new company to the Pacific Northwest to assist with their student transportation: Zum.
Swedish Cyberknife 900x506...

June is Men’s Health Month: Here’s Why It’s Important To Speak About Your Health

According to the Centers for Disease Control and Prevention, men in the United States, on average, die five years earlier than women.
...

Anacortes – A Must Visit Summertime Destination

While Anacortes is certainly on the way to the San Juan Islands (SJI), it is not just a destination to get to the ferry… Anacortes is a destination in and of itself!
...

Ready for your 2022 Alaskan Adventure with Celebrity Cruises?

Celebrity Cruises SPONSORED — A round-trip Alaska cruise from Seattle is an amazing treat for you and a loved one. Not only are you able to see and explore some of the most incredible and visually appealing natural sights on the planet, but you’re also able to relax and re-energize while aboard a luxury cruise […]
3 Iranian citizens charged in broad hacking campaign in US