According to the Justice Department, three Iranian citizens have been accused in the US with malware attacks that hit Pennsylvania’s domestic violence shelter among other power companies, local governments, small businesses, and charitable organizations.
The allegations against the suspected hackers allege that they attacked hundreds of organizations in the United States and abroad, encrypted and stole data from victim networks, and threatened to make the data public or leave it encrypted unless huge ransom payments were made. The victims did make some of those payments, according to the department.
When a Russian hacking gang was accused of attacking Georgia’s Colonial Pipeline with ransomware in May 2021, disrupting gas supply along the East Coast, the issue rose to prominence. Iran-based hackers have also come under scrutiny in the past year, with the FBI successfully foiling a cyberattack on a Boston children’s hospital that was going to be carried out by hackers supported by the Iranian government.
On Wednesday, the Office of Foreign Assets Control of the Treasury Department imposed sanctions on 10 people and two organizations connected to the Iranian Islamic Revolutionary Guard Corps that it claims were engaged in destructive cyber activity, including ransomware. The three defendants in the Justice Department lawsuit were named by the Treasury Department as working for Revolutionary Guard-affiliated technological companies.
A municipality in Union County in New Jersey, where the hacking incident occurred last year, filed the lawsuit there.
Between October 2020 and last month, when the indictment was released under seal, the suspected hacking allegedly took place. Mansour Ahmadi, Ahmad Khatibi Aghda, and Amir Hossein Nickaein Ravari, the three defendants, are charged with breaking into the victims’ computer networks using known or openly revealed vulnerabilities in software applications.
