US Indicts Two Iranians for 200 Ransomware Attacks in US

Yesterday, the American Justice Department indicted Iranian citizens Faramarz Shahi Savandi, 34, and Mohammad Mehdi Shah Mansouri, 27, for executing remote cyber attacks against 200 American government agencies, municipalities and health care businesses, the Daily Mail reports.

The charges were announced by US Deputy Attorney General Rod Rosenstein, who vowed to apprehend the accused:

“American justice has a long arm and we will wait and eventually we’re confident that we will take these perpetrators into custody.”

The US has no extradition treaty with Iran.

The two are the alleged creators of the notorious SamSam ransomware, a computer virus that exploits weaknesses in targeted computer systems before seizing and encrypting sensitive data.

Once the data is locked up, a ransom of Bitcoins is typically demanded for the information’s release.

The attacks often took place after hours and were deployed remotely using European servers.

The two allegedly collected $6 million in ransoms and caused an estimated $30 million in damages.

The SamSam attacks began in January 2016. High-profile targets included the cities of Newark and Atlanta, the Colorado Department of Transportation and the Port of San Diego, as well as six health care companies.

Also speaking at the press conference was Craig Carpenito, the US Attorney for New Jersey, who characterized the SamSam attacks as, “…a dangerous escalation of cybercrime.”

Though the Justice Department said the hackers are not connected to the Iranian government, Carpenito suggested there was a political (or at least anti-social) dimension to the crimes:

“This is a new type of cybercriminal. Money is not their sole objective. They are seeking to harm our institutions and our critical infrastructure.”

The Justice Department would not confirm which of the victims had paid ransoms, but the Daily Mail unearthed reporting from the Atlanta Journal-Constitution showing the city, “…entered into emergency contracts worth $2.7million to help restore the city’s computer network after the attack.”

At the time, the attack on the Port of San Diego was characterized by CEO Randa Coniglio as “serious.”

The FBI, the Department of Homeland Security, the U.S. Coast Guard and local harbour police were all engaged to ensure the security of the Port of San Diego and adjacent coastline.
