U.S. authorities issued “wanted” notices for a group of Iranian hackers the U.S. believes are behind a 2013 computer intrusion of a small New York dam and a series of cyberattacks on dozens of U.S. banks, Attorney General Loretta Lynch and FBI Director James Comey announced Thursday.
The Justice Department made the announcement of a criminal indictment against seven Iran-based hackers during a news conference Thursday.
“A federal grand jury in Manhattan found that these seven individuals conspired together and with others to conduct a series of cyberattacks against civilian targets in the United States financial service industry, that in total or in all, in sum cost the victims tens of millions of dollars,” Lynch said.
CNN first reported earlier this month the U.S. government’s plan to “name and shame” the cyberattackers. Investigators believe the hackers were contracted by the Iranian government, according to U.S. officials close to the investigation.
It’s only the third such public announcement, part of a strategy shift in recent years intended to discourage foreign government’s from conducting cyberintrusions on U.S. government and corporate computer systems. The U.S. has publicly attributed cyberattacks on large U.S. industrial companies to Chinese military hackers and to North Korea for the Sony Pictures Entertainment.
The Iranian hackers targeted financial institutions in 2013 and 2014 with denial-of-service and other attacks. JP Morgan, Wells Fargo and dozens of other banks were victims of the group, U.S. investigators found.
The 2013 intrusion at the Bowman Avenue Dam, about 30 miles north of New York City in suburban Rye Brook, New York, wasn’t considered sophisticated — the hackers managed only to get access to some back office systems, not the operational systems of the dam, U.S. officials say. U.S. investigators quickly determined the attack was carried out by hackers working for the Iranian government.
But the attack alarmed Obama administration officials who have voiced concerns about the vulnerability of U.S. infrastructure to cyberattacks.