https://www.insurancejournal.com/news/national/2022/09/16/685303.htm Skip to content * MyNewMarkets.com * Claims Journal * Insurance Journal TV * Academy of Insurance * Carrier Management Insurance Journal - Property Casualty Industry News Featured Stories * Florida's Citizens Tops 1 Million Policies * Tennessee Launches Captive Cyber, Property Insurer * News * Markets Search News [ ] [Search] Search Markets [ ] [Search] Current Magazine current magazine * Read Online * Subscribe * Front Page + National + International + Most Popular + Magazine + Forums + Blogs + Videos/Podcasts + Newsletters * News + Most Popular + National + International + East + Midwest + South Central + Southeast + West * Magazines + East + Midwest + South Central + Southeast + West + Subscribe * Research * Directories * Jobs * Features + Events + Forums + Insurance Twitter + Market Directories + Quotes + Polls + Rankings & Awards + Insurance Giving Back * Subscribe [INS::INS] 3 Iranian Citizens Charged in Broad Hacking Campaign in US By Eric Tucker | September 16, 2022 [bigstock-hackers-coding-ransomware-371607862-580x387] Email This Subscribe to Newsletter Email to a friend Facebook Tweet LinkedIn Print Article * Article * 0 Comments The Justice Department said Wednesday that three Iranian citizens have been charged in the United States with ransomware attacks that targeted power companies, local governments and small businesses and nonprofits, including a domestic violence shelter. The charges accuse the hacking suspects of targeting hundreds of entities in the U.S. and around the world, encrypting and stealing data from victim networks, and threatening to release it publicly or leave it encrypted unless exorbitant ransom payments were made. In some cases, the victims made those payments, the department said. [INS::INS] The Biden administration has tried to go after hackers who have held U.S. targets essentially hostage, often sanctioned or sheltered by adversaries. The threat gained particular prominence in May 2021 when a Russia-based hacker group was accused of conducting a ransomware attack on Georgia-based Colonial Pipeline, which disrupted gas supplies along the East Coast. Iran-based hackers have also been a focus over the last year, with the FBI thwarting a planned cyberattack on a children's hospital in Boston that was to have been carried out by hackers sponsored by the Iranian government. "The cyber threat facing our nation is growing more dangerous and complex every day," FBI Director Christopher Wray said in a statement accompanying the indictment unsealed Wednesday. "Today's announcement makes clear the threat is both local and global. It's one we can't ignore and it's one we can't fight on our own, either." The hackers named in Wednesday's indictment are not believed to have been working on behalf of the Iranian government but instead for their own financial gain, and some of the victims were even in Iran, according to a senior Justice Department official who briefed reporters on the case on the condition of anonymity under ground rules set by the department. But the official said the activity, even if not directed by the Iranian government, exists because the regime permits hackers to largely operate with impunity. In a related action Wednesday, the Treasury Department's Office of Foreign Assets Control sanctioned 10 individuals and two entities affiliated with Iran's Islamic Revolutionary Guard Corps who it says have been involved in malicious cyber activities, including ransomware. The Treasury Department identified the three defendants in the Justice Department case as employees of technology firms it says is affiliated with the Revolutionary Guard. [INS::INS] John Hultquist, vice president for threat intelligence at the cybersecurity firm Mandiant, said his team has been tracking the Iranian actors for some time and assessed they are contractors for the Revolutionary Guard who have been moonlighting as criminal hackers. He said they are especially dangerous because "any access they gain could be served up for espionage or disruptive purposes. The actions come amid an apparent stalemate in talks between the U.S. and Iran over the possible revival of a 2015 nuclear deal. Israel and some U.S. lawmakers of both parties are pushing the Biden administration to get tougher on Iran, calling the negotiations on Iran's nuclear program a failure. The three accused hackers are thought to be in Iran and have not been arrested, but the Justice Department official said the pending charges make it "functionally impossible" for them to leave the country. The case was filed in federal court in New Jersey, where a municipality and an accounting firm were among the victims. The alleged hacking took place between October 2020 through last month, when the indictment was issued under seal. The three defendants - identified as Mansour Ahmadi, Ahmad Khatibi Aghda and Amir Hossein Nickaein Ravari - are accused of exploiting known or publicly disclosed vulnerabilities in software applications to break into the victims' computer networks. Prosecutors say the victims were seen by the defendants as targets of opportunities. They included a domestic violence shelter in Pennsylvania, which the indictment says was extorted out of $13,000 to recover its hacked data; electric utilities in Indiana and Mississippi; a county government in Wyoming; and a construction company in Washington state. Copyright 2022 Associated Press. All rights reserved. This material may not be published, broadcast, rewritten or redistributed. Topics USA Cyber Was this article valuable? Yes No Thank you! Please tell us what we can do to improve this article. [ ] Submit No Thanks Thank you! % of people found this article valuable. Please tell us what you liked about it. [ ] Submit No Thanks Here are more articles you may enjoy. The concept of success. A group of young business people learned good news their project was approved in the work. Company development and joy.It's a Great Time in Surplus Lines [financial-risks-ab]Underwriting No Longer Sole Path to Profit, Say Berkley Execs [am-best-upgrades-c]Price Increases Continue at 6% for U.S. Commercial Insurance in Q2: WTW [roof-150x150]Misrepresentation by Insured? It's Complicated, Florida Appeals Court Rules Written By Eric Tucker More From Author Interested in Cyber? Get automatic alerts for this topic. [ ] [ ] Submit Email This Subscribe to Newsletter Email to a friend Facebook Tweet LinkedIn Print Article * Categories: National NewsTopics: cyber, hackers, Iranian hackers, Islamic Revolutionary Guard Corps, ransomware, U.S. Department of Justice * Have a hot lead? Email us at newsdesk@insurancejournal.com [INS::INS] Add a CommentSee All Comments (0)Add a Comment Cancel reply Your email address will not be published. Required fields are marked * Name *[ ] Email *[ ] [ ] [ ] [ ] [ ] [ ] [ ] [ ] Comment[ ] [Post Comment] [ ] [ ] [ ] [ ] [ ] [ ] [ ] D[ ] [ ]Notify me of comments via e-mail More News [wildfire-150x150]California Commissioner Orders Insurance Cancellation Moratorium for new Wildfire [bigstock-hackers-c]3 Iranian Citizens Charged in Broad Hacking Campaign in US [climate_change-150]Decade Old Climate Report Warned of Extreme Weather [lawsuit-150x150]Woman Whose Rape DNA Led to Her Arrest in California Files Lawsuit More News Features [INS::INS] Read This Next * 3 Iranian Citizens Charged in Broad Hacking Campaign in US * 3M Belgian Settlement Signals Increased Risk of 'Toxic Torts' in Europe * Jackson Businesses Lost Water and Customers But Insurance Probably Won't Cover * Beyond Zeros and Ones: When Cyber Attacks Become Physical * Forged Signatures, Fake Policies? Lawsuits Raise Questions About Captive Insurance Plan [INS::INS] Insurance Jobs * Insurance Agency Bookkeeper - 100% REMOTE - Los Angeles, CA * Trial Attorney - Wall, NJ (Remote/Home Based) - Cranford, NJ * Lead Software Engineer - Remote - Buffalo, NY * Inside Claim Representative - Boiler & Machinery - Hartford, CT * VP, Human Resources - Hartford, CT MyNewMarkets * Real Estate Strategy: How to Win in Today's Challenging Market * Beyond the Desktop: 3D Printing with Concrete * Over 20 New E&S Entrants Reshaping Marketplace: RPS * Green Building Investments Reach New Heights But Can Carrier Capacity Keep Up? * Captives, MGAs, MGUs Contribute to Growing Cyber Insurance Market Claims Journal * Newer Cars Closing Gender Disparity Gap in Crash Fatalities * Ohio State Sex Abuse Lawsuits Revived * U.S. DOL Expands OSHA's Severe Violator Enforcement Program * EU Seeks Tougher Cybersecurity Rules for Smart Devices * NTSB Issues Report on 2019 Kentucky Pipeline Explosion Academy of Insurance education * September 20 Specialty Lines Insurance - Coverage or Money for Nothing? * September 22 Getting Small Businesses to Understand and Buy Cyber * September 29 Insurance Without Claims - How Insuretech Can Prevent Losses * October 6 Commercial Property Master Class - Causes of Loss Forms, Exclusions Insurance News * News by Region * News by Topic * Yesterday Site Search [ ] [Go] Features * Insurance Markets Directory * Forums * A.M. Best Company Ratings * Industry Events * Agencies For Sale * Newswire * Insurance Jobs * Rankings & Awards Connect with us * Email Newsletters * Magazine Subscriptions * For Your Website * RSS Feeds * Twitter * Facebook * LinkedIn * Do Not Sell My Info Insurance Journal * Submit News * Advertise * Subscribe * Reprints * Link to Us * Contact Us Wells Media Group Network * Insurance Journal * MyNewMarkets.com * Claims Journal * Insurance Journal TV * Academy of Insurance * Carrier Management (c) 2022 by Wells Media Group, Inc. Privacy Policy | Terms & Conditions | Site Map [INS::INS]