3 Iranian nationals are accused of ransomware attacks vs. U.S. victims


cyano66 | iStock | Getty Images

WASHINGTON — The Department of Justice on Wednesday unsealed an August indictment of three Iranian nationals who officials said are behind an international ransomware conspiracy that has targeted hundreds of corporate and government victims around the world. 

The three individuals allegedly carried out the scheme for their personal gain, and not at the behest of the Iranian government, department officials said on a call with reporters. 

The defendants are Mansour Ahmadi, Ahmad Khatibi Aghda and Amir Hossein Nickaein Ravari, all believed to be living in Iran. None of them has been arrested, and officials admitted that U.S. law enforcement has few options available to detain them in person.

The men allegedly defrauded a county in Wyoming,  regional electric power utilities in Mississippi and Indiana, a public housing authority in Washington state and a statewide bar association in an unnamed state. 

DOJ officials said they believed the number of victims in the U.S. alone reached well into the hundreds, with even more likely to be identified in the future. 

The scheme relied upon BitLocker, a popular cybersecurity encryption product from Microsoft which is used by thousands of clients worldwide. 

Justice Department officials declined to detail how they were alerted to the individual ransomware attacks, or specifically which of the organizations that were targeted reached out to authorities and which did not. 

It’s little secret that corporations targeted by ransomware attacks often choose to pay the ransom to the attackers instead of alerting law enforcement out of fear that news of the attack will spook investors and customers.  

The Justice Department has struggled for decades to convince institutional victims of cyberattacks that they would be better served by reporting the attack than by covering it up.


Source link