U.S. indicts seven hackers who targeted banks and dam

WASHINGTON—Seven hackers tied to the Iranian government were charged for in a series of punishing cyberattacks on dozens of banks and a small dam outside New York City, intrusions that reached into America’s infrastructure and disrupted the financial system, U.S. law enforcement officials said.

The indictment, announced at the Justice Department, reveals the determination of overseas hackers to cripple vital American interests, the officials said.

“The attacks were relentless, systematic and widespread,” Attorney General Loretta Lynch said. “They threatened our economic well-being and our ability to compete fairly in the global marketplace, both of which are directly linked to our national security.”

One of the seven alleged hackers is accused of repeatedly gaining access to the control system of the Bowman Avenue Dam, a small flood-control structure in Rye Brook, about 20 miles (32 kilometres) north of New York City. With that access, the hacker was able to get information about the dam’s operations, including its water level, temperature and the status of the sluice gate.

The hacker would have been able to operate the sluice gate, which controls water levels and flow rates, but the gate had been disconnected for maintenance when the intrusion occurred.

The seven accused hackers worked for a pair of Iranian computer companies linked to the Iranian government, including the Islamic Revolutionary Guard Corps, the U.S. said.

None of the individuals is in American custody, and the U.S. does not have an extradition treaty with Iran. But officials said the goal of cases such as this one is to put cybercriminals on notice that their mouse clicks can be traced, even if they’re on the other side of the globe.

“The message of this case is that we will work together to shrink the world and impose costs on these people so that no matter where they are, we will reach them,” said FBI Director James Comey.

The indictments stem from a series of cyber intrusions between 2011 and 2013 that officials say targeted 46 victims, primarily in the financial sector, that disabled bank websites and collectively caused tens of millions of dollars in losses.

It’s the latest instance of the Obama administration publicly blaming foreign nations for damaging cyber intrusions.

The Justice Department in May 2014 indicted five Chinese military officials suspected of hacking into several major American companies and stealing trade secrets. None of those individuals has been brought to America to face charges.

And that December, the federal government linked a damaging attack on Sony Pictures Entertainment to North Koreans.