Close
  • Latest News
  • Artificial Intelligence
  • Video
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Subscribe
Logo
  • Latest News
  • Artificial Intelligence
  • Video
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Subscribe
    Home Cybersecurity
    • Cybersecurity

    DOJ Charges Iran Hackers for Hitting New York Dam

    Written by

    Sean Michael Kerner
    Published March 24, 2016
    Share
    Facebook
    Twitter
    Linkedin

      eWEEK content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.

      The U.S. government is taking direct legal aim at seven Iranian individuals for attacking American banks and infrastructure. The Department of Justice today announced that an indictment was issued by a grand jury in the Southern District of New York for attacks that include a 176-day distributed denial-of-service (DDoS) campaign against the U.S. financial sector, as well as an attack against the Bowman Dam in New York state.

      “For many years, nation states and their affiliates enjoyed what they perceived to be a cloak of anonymity. A cloak they hid behind to break our laws through cyber intrusions and to threaten our security and economic well-being,” Assistant Attorney General John P. Carlin said at a press conference announcing the charges. “They had this perceived cloak because they thought we couldn’t figure out who did it and, if we did figure it out, we would keep it a secret. They are wrong.”

      The seven individuals charged by the DOJ were employed by the Iran-based ITSecTeam (ITSEC) and Mersad Company (MERSAD), both of which have direct ties to the Islamic Revolutionary Guard Corps and the Iranian government. Charges against the seven individuals include conspiracy to commit and to aid and abet computer hacking. The seven individuals named by the DOJ indictment are Ahmad Fathi, 37; Hamid Firoozi, 34; Amin Shokohi, 25; Sadegh Ahmadzadegan (a.k.a. Nitr0jen26), 23; Omid Ghaffarinia (a.k.a. PLuS), 25; Sina Keissar, 25; and Nader Saedi (a.k.a. Turk Server), 26.

      Firoozi is the only one of the seven who is being directly charged in relation to the attack on the Bowman Dam, which occurred between Aug. 28 and Sept. 18, 2013. According to the indictment, Firoozi was able to repeatedly obtain unauthorized access to the Supervisory Control and Data Acquisition (SCADA) systems of the Bowman Dam in Rye, N.Y. With the access, the DOJ alleges that Firoozi was able to get status updates on the operation of the dam, including water levels and temperature. The access also gave Firoozi insight into the status of the dam’s sluice gate, which controls the water level.

      “Although that access would normally have permitted Firoozi to remotely operate and manipulate the Bowman Dam’s sluice gate, Firoozi did not have that capability because the sluice gate had been manually disconnected for maintenance at the time of the intrusion,” the DOJ stated.

      The DDoS campaign against U.S. financial institutions ran from December 2011 until September 2012. The attack hit a peak of 140G bps of data at its height, impacting the operations of multiple organizations, restricting access by customers to bank accounts.

      The actual DDoS attack was conducted by first building out a pair of botnets, comprised of an unspecified number of compromised systems. While the DDoS attacks did impact the operations of the attacked U.S. financial institutions, there was no data breach.

      “Although the DDoS campaign caused damage to the financial sector victims and interfered with their customers’ ability to do online banking, the attacks did not affect or result in the theft of customer account data,” the DOJ stated.

      This is not the first time that the DOJ has charged foreign nationals with attacking American organizations. In May 2014, the DOJ filed an indictment against Chinese Army officials alleging the theft of intellectual property from U.S. firms.

      “Today’s announcement proves, once again, there is no free pass for nation state affiliated computer intrusions,” Assistant Attorney General John P. Carlin said. “No matter where a hacker is located or who he is affiliated with—China or North Korea, ISIL or SEA [Syrian Electronic Army]—we can figure who did it, by name and face, we can do so publicly and we can impose consequences.”

      However, the DOJ has never managed to apprehend the Chinese attackers, and the same will likely be true in the new case against the Iranian hackers. To date, U.S. law enforcement has not brought the seven charged Iranian individuals into custody.

      Casey Ellis, CEO and founder of security vendor Bugcrowd, noted that given the increasing frequency of nation-to-nation attacks and the rising level of public awareness and concern about this type of vulnerability and threat, the DOJ should take a firm stand against these hackers, but more needs to be done to protect infrastructure from attack. “Adversaries cannot attack what is not vulnerable, and it’s widely known now that this type of infrastructure needs serious work when it comes to making it more resilient against attacks,” Ellis told eWEEK.

      Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.

      Sean Michael Kerner
      Sean Michael Kerner
      Sean Michael Kerner is an Internet consultant, strategist, and writer for several leading IT business web sites.

      Get the Free Newsletter!

      Subscribe to Daily Tech Insider for top news, trends & analysis

      Get the Free Newsletter!

      Subscribe to Daily Tech Insider for top news, trends & analysis

      MOST POPULAR ARTICLES

      Artificial Intelligence

      9 Best AI 3D Generators You Need...

      Sam Rinko - June 25, 2024 0
      AI 3D Generators are powerful tools for many different industries. Discover the best AI 3D Generators, and learn which is best for your specific use case.
      Read more
      Cloud

      RingCentral Expands Its Collaboration Platform

      Zeus Kerravala - November 22, 2023 0
      RingCentral adds AI-enabled contact center and hybrid event products to its suite of collaboration services.
      Read more
      Artificial Intelligence

      8 Best AI Data Analytics Software &...

      Aminu Abdullahi - January 18, 2024 0
      Learn the top AI data analytics software to use. Compare AI data analytics solutions & features to make the best choice for your business.
      Read more
      Latest News

      Zeus Kerravala on Networking: Multicloud, 5G, and...

      James Maguire - December 16, 2022 0
      I spoke with Zeus Kerravala, industry analyst at ZK Research, about the rapid changes in enterprise networking, as tech advances and digital transformation prompt...
      Read more
      Video

      Datadog President Amit Agarwal on Trends in...

      James Maguire - November 11, 2022 0
      I spoke with Amit Agarwal, President of Datadog, about infrastructure observability, from current trends to key challenges to the future of this rapidly growing...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2024 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.