© 2022 Connecticut Public

FCC Public Inspection Files:
WEDH · WEDN · WEDW · WEDY · WNPR
WPKT · WRLI-FM · WEDW-FM · Public Files Contact
Play Live Radio
Next Up:
0:00
0:00
Available On Air Stations

U.S. charges 3 Iranian nationals in global hacking campaign

The Department of Justice has charged three Iranian nationals for allegedly conducting a global hacking campaign that targeted victims and the U.S. and other countries for extortion.
Kent Nishimura
/
Los Angeles Times via Getty Imag
The Department of Justice has charged three Iranian nationals for allegedly conducting a global hacking campaign that targeted victims and the U.S. and other countries for extortion.

Updated September 14, 2022 at 2:20 PM ET

The Justice Department has charged three Iranian nationals for a global computer hacking campaign that allegedly targeted hundreds of victims for extortion, including local U.S. governments, power companies and a domestic violence shelter.

According to an indictment unsealed in New Jersey, Mansour Ahmadi, Ahmad Khatibi and Amir Hossein Nickaein began their hacking conspiracy in October of 2020, and took aim at companies and institutions in the United States, Britain, Israel, Russia and Iran.

FBI Director Christopher Wray said the three defendants "engaged in a pattern of hacking, cyber-theft, and extortion largely for personal gain."

"They were looking to steal information, encrypt networks, and sell private data, all in the hopes of persuading victims to pay sizeable ransoms," Wray said in a video statement.

The indictment says the defendants exploited known vulnerabilities in network devices and software to steal data from their victims' computer systems. In some instances, they allegedly encrypted data on a victim's system and demanded ransom to decrypt it, while in others they threatened to release the stolen data unless a victim paid them not to do so.

The ransom demands, prosecutors say, were either sent to a victim's printer or via email. Payment was to be made in cryptocurrency.

One note, for example, that was sent to an accounting firm in Illinois read: "Hi! If you are reading this, it means your data is encrypted and your private sensitive information is stolen! Read carefully the whole instructions to avoid any problems. You have to contact us immediately to resolve this issue and make a deal!"

The targets of the ransom and extortion campaign varied.

There was a municipality in Union County, N.J., and a county government in Wyoming; a public housing corporation in Washington state; a domestic violence shelter in Pennsylvania; accounting firms in New Jersey and Illinois; and regional power companies in Mississippi and Indiana.

While officials say the victims appeared to be targets of opportunity, the U.S. attorney for New Jersey, Philip Sellinger, noted a through line among many of them.

"A common feature of the victims was that they provided essential services—local government, housing power, a domestic violence shelter," Sellinger said. "Services people depend upon every day. Services that, if taken away, hurt the public."

The indictment does not allege that the defendants were working at the behest of the Iranian government.

None of the defendants is in U.S. custody. Justice Department officials say all three of them are believed to be in Iran.

Still, American officials say that bringing this case can have a deterrent effect.

"By charging them in this indictment, by publicly naming them, we are stripping their anonymity away," Sellinger said. "They cannot operate anonymously from the shadows anymore. We have put a spotlight on them as wanted criminals."

In his statement, Wray also announced a joint cybersecurity advisory from the FBI and its partners in the U.S. and some close allies.

The advisory highlights the broader threat that posed by cyber actors linked to the Iranian government, he said.

Copyright 2022 NPR. To see more, visit https://www.npr.org.

Ryan Lucas covers the Justice Department for NPR.

Stand up for civility

This news story is funded in large part by Connecticut Public’s Members — listeners, viewers, and readers like you who value fact-based journalism and trustworthy information.

We hope their support inspires you to donate so that we can continue telling stories that inform, educate, and inspire you and your neighbors. As a community-supported public media service, Connecticut Public has relied on donor support for more than 50 years.

Your donation today will allow us to continue this work on your behalf. Give today at any amount and join the 50,000 members who are building a better—and more civil—Connecticut to live, work, and play.

Related Content