DOJ indicts Iranian men in alleged ransomware attacks

(WASHINGTON) — Remember the big cyber-attack on the MedStar hospital chain a couple of years ago that gained national headlines? Or the ransomware attack on the city of Atlanta earlier this year? Or the attack on the city of Newark?

The Justice Department and FBI announced Wednesday that they have now indicted two Iranian men for launching those attacks from Iran — and for attacking more than 200 other targets throughout the United States and the world, among them hospitals and critical infrastructure. In all, officials say, the pair extorted more than $6 million from the targets of their ransomware attacks, and victims lost more than $30 million.

Officials alleged that Mohammad Mehdi Shah Mansouri and Faramarz Shahi Savandi launched the SamSam ransomware attacks and said their targets spanned several sectors, including health care, transportation, and state and local governments.

“The defendants allegedly hijacked victims’ computer systems and shut them down until the victims paid a ‘ransom,’” Deputy Attorney General Rod Rosenstein said.

Other targets included the Colorado Department of Transportation and the Port of San Diego, California.

“The defendants did not just indiscriminately cross their fingers and hope their ransomware randomly compromised just any computer system. Rather, they deliberately engaged in an extreme form of 21st century digital blackmail, attacking and extorting vulnerable victims like hospitals and schools, victims they knew would be willing and able to pay,” the head of DOJ’s Criminal Division, Brian Benczkowski, said.

U.S. Attorney Craig Carpenito said that the SamSam ransomware was a new type and that the defendants’ objective wasn’t solely money. He pointed to the institutions targeted and noted that they were some of the most vulnerable targets.

“Every sector of our economy is a target of malicious cyber activity. But the events described in this Indictment highlight the urgent need for municipalities, public utilities, health care institutions, universities and other public organizations to enhance their cybersecurity,” Rosenstein warned.

DOJ officials wouldn’t say whether the Iranian government had any role or link here. They did say that even though the two defendants are not in custody, U.S. authorities will continue to pursue them, making it harder for them to travel around the world and conduct business.

Meanwhile, the Treasury Department on Wednesday announced sanctions against two Iranians for facilitating bitcoin payments for ransomware attacks that were worth millions of U.S. dollars. The sanctions are not against the two Iranians now under indictment, but they are related to the case, according to a DOJ official.

Copyright © 2018, ABC Radio. All rights reserved.