US prosecutors have announced charges against four Iranian men for a hacking campaign that targeted US federal agencies and sensitive data held by American defense contractors. The hackers targeted the US State and Treasury departments, as well as more than a dozen US companies, including Pentagon contractors handling classified information. The hacking effort took place from 2016 to 2021 and infected over 200,000 victim devices, many of which contained sensitive or classified defense information.
It is unclear if the departments of State or Treasury networks were successfully hacked in the campaign. FBI Director Christopher Wray in 2022 blamed Iranian government-backed hackers for a cyberattack on Boston Children’s Hospital, which Tehran denied involvement in. In the indictment unsealed Tuesday, Hossein Harooni, Reza Kazemifar, Alireza Shafie Nasab, and Komeil Baradaran Salmani were charged with wire and computer fraud. Nasab had already been charged in a previous indictment unsealed in the Southern District of New York in February. The men are all in their 30s and remain at large.
Prosecutors accused three of the men of working for a front company in Iran that offered cybersecurity services. The Treasury Department announced sanctions on the four men and accused them of being affiliated with the Islamic Revolutionary Guard Corps, part of Iran’s armed forces. The State Department also offered a reward of up to $10 million for information leading to the identification or location of the men. Criminal activity originating from Iran is seen as a serious threat to America’s national security and economic stability, according to Attorney General Merrick Garland.
Hacking has long been a source of tension in the US-Iran relationship, with previous incidents involving cyberattacks on American entities attributed to Iran. The indictment against the four men highlights the ongoing cyber warfare between the two countries and the risks posed by state-sponsored hackers. The charges announced by US prosecutors underscore the seriousness of the cyber threats facing the United States and the need for robust cybersecurity measures to protect sensitive information.
The involvement of the Iranian government in cyberattacks against American targets raises concerns about the escalation of cyber warfare and the potential for retaliatory actions. The indictment of the four men for their role in the hacking campaign demonstrates the US government’s commitment to holding individuals accountable for cyber crimes. The sanctions imposed by the Treasury Department and the reward offered by the State Department signal a coordinated effort to address the cybersecurity threats posed by Iran and its affiliates.
The indictment of the four Iranian men for their involvement in a hacking campaign against US federal agencies and defense contractors highlights the persistent threat of cyber attacks from state-sponsored actors. The charges announced by US prosecutors underscore the need for enhanced cybersecurity measures and increased vigilance to protect critical infrastructure and sensitive information from malicious actors. The sanctions imposed on the individuals and the reward offered for their identification indicate a multi-faceted approach to addressing cyber threats and holding perpetrators accountable for their actions.
