Attorney General Loretta Lynch, FBI Director James Comey, and other law enforcement officials announced on Thursday that the US government has indicted Iranian hackers with ties to the country’s military for cyberattacks on nearly 50 banks, stock exchanges, and even a dam in New York state.
The government’s indictment says that between 2011 and 2013 the group of seven hackers carried out a long series of attacks on major financial institutions including the New York Stock Exchange, Bank of America, and JPMorgan Chase, slowing down the companies’ operations and frequently cutting off customers from their accounts. “These attacks were relentless, they were systematic, and they were widespread,” Lynch said at a press conference on Thursday. “We believe they were conducted with the sole purpose of undermining the American free market.”
The hackers, who the government says worked for Iranian companies tied to the country’s elite Islamic Revolutionary Guard Corps, also broke into the computer system that runs a flood-control dam in Rye, New York. While they were able to roam the dam’s systems looking for vulnerabilities, they could not do any damage because the dam’s sluice gate was disabled for maintenance.
Because the seven hackers charged all live in Iran, the indictment is mostly symbolic. But cybersecurity experts say it’s still an important signal that the United States is paying attention to cyberattacks by other nations and is willing to take action. “We need to make clear that there will be consequences for cyberattacks and that the Wild West days are coming to an end,” cybersecurity expert James Lewis of the Center for Strategic and International Studies told Reuters, which first reported that the indictments would be unveiled.
Comey, the FBI director, said the indictment also meant the United States would remain vigilant in case the hackers slip up while leaving Iran. “The world is small, and our memories are long. We never say never,” he said.
The government said the hackers were able to carry out the attacks by taking control of computers that hadn’t downloaded security updates, which fix newly discovered software bugs and other vulnerabilities. Ironically, many tech experts and privacy advocates have said the government’s high-profile attempt to order Apple to help unlock the phone of one of the San Bernardino shooters would have led more people to distrust and stop downloading those vital security updates, leaving even more computers and devices vulnerable to cyberattacks. The government’s order was suspended on Sunday after the FBI claimed an “outside party,” potentially the Israeli company Cellebrite, had given the agency a previously unknown way to hack into the phone.