No less than 46 U.S. financial institutions, as well as a dam in New York, were allegedly targeted.
On Thursday morning, the Department of Justice unsealed an indictment against seven Iranian citizens allegedly funded by the Islamic Revolutionary Guard Corps, accusing them of launching a coordinated cyber-attack against a minimum of 46 American financial institutions, as well as a major New York dam.
In a press conference with some of American law enforcement’s heaviest hitters, including F.B.I. director James Comey and U.S. district attorney Preet Bharara, Attorney General Loretta Lynch announced that members of two Iran-based computer companies, ITSecTeam and the Mersad Company, had launched coordinated distributed denial of service (DDoS) attacks against the Web sites of dozens of financial institutions, including the New York Stock Exchange, Bank of America, Capital One, ING, and AT&T, disabling them and preventing their customers from accessing their accounts. In addition, one of the alleged hackers, Hamid Firoozi, was said to have illegally accessed a computer in charge of the Bowman Dam in Rye, New York, giving him the ability to remotely control its operations and potentially cause “a threat to public health or safety.” According to the Department of Justice, the two groups received funding from the Islamic Revolutionary Guard, the elite government militia tasked with defending Islamic law in Iran.
Lynch said in a statement that the attacks not only cost these companies “tens of millions of dollars” to restore their Web sites, but highlighted how foreign cyber-attacks have become a major threat to U.S. national security.
“In unsealing this indictment, the Department of Justice is sending a powerful message: that we will not allow any individual, group, or nation to sabotage American financial institutions or undermine the integrity of fair competition in the operation of the free market,” she said in the prepared statement.
According to the indictment, the DDoS attacks took place over 176 days between 2011 and 2013. The attacks on U.S. targets took place after Iran’s nuclear capabilities were sabotaged by the Stuxnet virus, believed to have been a joint effort between the U.S. and Israeli governments, in mid-2010.
The indictment also comes after a series of high-profile cyber-attacks on the United States government. In 2014 alone, the government experienced more than 61,000 attacks on their computer systems, affecting several administrative agencies such as the State Department, the Energy Department, and the White House. Last year, the Office of Personnel Management (O.P.M.) was the target of the largest attack to date, in which Chinese hackers stole sensitive personal information from 21.5 million past and present government employees.
During the press conference Thursday morning, Comey said that the indictment was meant to show the world that the U.S. government was ready to respond to foreign-based cyber-attacks, no matter where they came from or the scale of the attack. “By calling out the individuals and nations who use cyber-attacks to threaten American enterprise, as we have done in this indictment, we will change behavior,” he said.