Effective PR

USA indicts Iranians over allegations of ransomware.

Editorial Staff

It's almost too convenient: as the USA tries to find support for its push against Iran, the USA has managed to find two men it says were behind major ransomware attacks ranging from 2015 until September 2018. They are Iranian.

Even more bizarre is that some nit at the FBI thinks that a US assistant Attorney General is being original, perhaps even clever, by calling ransomware attacks "21st Century Blackmail." There are some who will be delighted at the news: US President Trump and his pro-Israeli groups have been angling for any persuasion they can to encourage action against Iran by other countries, almost all of which do not line up with the USA. Others will stand back and say "Really?"

This, in all its breathless excitement and hyperbole, is the official news release by the FBI yesterday. It's verbatim.

Two Iranian men have been charged with deploying a sinister type of ransomware that crippled the operations of hospitals, municipalities, public institutions, and other critical networks in the United States and Canada, officials from the Department of Justice and the FBI announced today.

Beginning in 2015 and continuing until September 2018, SamSam ransomware infiltrated computer networks in Atlanta, Newark, and San Diego, as well as those of major health care providers, the University of Calgary, and others. Once deployed, the malware encrypted data and files. The creators then demanded payment by virtual currency to restore access to affected systems, a crime Assistant Attorney General Brian A. Benczkowski called “21st century blackmail” during a press conference today at the Department of Justice in Washington, D.C.

The toll of these cyberattacks was staggering: more than 230 entities infected, $6 million in ransom payments extorted, and an estimated $30 billion in damages to the affected public and private institutions.

“The actions highlighted today, which represent a continuing trend of cyber criminal activity emanating from Iran, were particularly threatening, as they targeted public safety institutions, including U.S. hospital systems and governmental entities,” said Amy Hess, executive assistant director of the FBI’s Criminal, Cyber, Response, and Services Branch. “As cyber threats evolve and cyber criminals develop more sophisticated techniques, so do we.”

The case was investigated through a coordinated international effort between the FBI, the United Kingdom’s National Crime Agency and West Yorkshire Police, and Canada’s Calgary Police Service and Royal Canadian Mounted Police. Significant assistance was provided by the Justice Department’s National Security Division and the Criminal Division’s Office of International Affairs. The courage and the cooperation of the ransomware victims was also key to the successful investigation.

“Through our valued partnerships, not just with our great law enforcement partners in the U.S. and abroad but with our partners in private industry and with the victims of these crimes, we will find criminals and hold them accountable,” said Hess. “Through persistence and collaboration, we will disrupt not only the criminal activity but also the ill-gotten livelihood of these actors.”


In the federal indictment unsealed in Newark, the U.S. Attorney for the District of New Jersey charged Faramarz Shahi Savandi and Mohammad Mehdi Shah Mansouri with one count of conspiracy to commit wire fraud, one count of conspiracy to commit fraud and related activity in connection with computers, two substantive counts of intentional damage to a protected computer, and two substantive counts of transmitting a demand in relation to damaging a protected computer.

Although the alleged criminal actors are in Iran and currently out of the reach of U.S. law enforcement, they can be apprehended if they travel, and the United States is exploring other avenues of recourse.

Victims were infected with the ransomware through vulnerabilities found in common software and network access points. Hess stressed the importance of computer security and hygiene for individuals and corporations. “We all need to do our part to make sure that our systems are as strong and secure and protected as possible,” she said.

And the FBI has, helpfully, issued a wanted poster. Here it is:

You can't make this up.

For the avoidance of doubt: the underlying reasons are in no way a laughing matter. There were hundreds of thousands, if not millions, of lives put at risk as, amongst other things, hospital systems went down. The cost, estimated as some USD30 milliard, is astonishing, as is the fact that they actually managed to extract several million dollars in extortion money. If all those investigations have, indeed, narrowed the thing down to two men, it's a remarkable achievement.

But we should not forget the Stuxnet virus which was designed to target Iran but got out into the wild and caused immense harm - and who was behind that? The USA and Israel.

There is amazingly little in the world that is not connected in some way.
