The United States indicted two Iranian hackers who installed ransomware on critical computer systems of big U.S. cities, hospitals and other businesses. The two men extorted $6 million with what the Justice Department called “21st-century digital blackmail.”
U.S. Assistant Attorney General Brian Benczkowski said the charges demonstrated that the U.S. will “relentlessly pursue cybercriminals who harm American citizens, businesses and institutions, regardless of where those criminals may reside.”
Faramarz Shahi Savandi, 34, and Mohammad Mehdi Shah Mansouri, 27, “allegedly used hacking and malware to cause more than $30 million in losses to more than 200 victims,” said Deputy Attorney General Rod J. Rosenstein.
They infiltrated computer systems in 10 states and the University of Calgary in Canada, with more than 200 municipalities, state agencies, hospitals and other public and private entities victimized.
The hackers struck, among others, Hollywood Presbyterian Medical Center in Los Angeles and the Kansas Heart Hospital in Wichita, “cravenly taking advantage of the fact that (they) depend on their computer networks to serve the public, the sick and the injured without interruption,” said Craig Carpenito, the U.S. Attorney in Newark, New Jersey.
Exploiting vulnerabilities they uncovered remotely, the Iranian hackers installed ransomware that allowed them to encrypt the targets’ computer networks and demand payments in bitcoin, an anonymous cryptocurrency, prosecutors said. Iranian-based bitcoin exchanges converted the payments into Iranian rials.
The hackers demanded ransoms before they would provide decryption keys to let the victims regain control of their systems, according to the indictment.
The two launched their first attack in December 2015. The most recent known attack came on September 28, 2018.
Savandi and Mansouri are believed to be in Iran.
U.S. authorities “will continue to act to disrupt such criminal acts and identify those who are responsible for them, no matter where in the world they may seek to hide,” Carpenito said.
