Iranian Hackers Hit With Federal Charges

Iranian Hackers Hit With Federal Charges

Iranian Hackers Hit With Federal ChargesSeven Iranians have been indicted by the U.S. Attorney and the FBI in connection with 46 different cyberattacks including the 2013 attack on the Bowman Avenue dam in Rye Brook.  These hackers apparently were employed by Iranian based ITSecTeam and Mersad Company, however these companies are not mentioned as part of the charges. Per CNet, “Though the attacks weren’t considered sophisticated, they raised concerns within the US government about the security of the country’s infrastructure. Built to run with specialized software that lasts years or decades, the country’s factories, power plants and other industrial systems are difficult to keep safe from hackers, security experts say.”  The Iranians were able to take advantage of these antiquated systems and hack into the Rye Brook dam to gain privileged access.

While the attack was successful the gate that controls water flow that they attempted to access happened to be disconnected from the controls for maintenance.  It would seem that this was close call, but it demonstrates that we lack adequate protections for the nation’s industrial complex. Per CNet, “not only are these control systems being increasingly targeted by cyber criminals, but they are not being properly monitored,” Shohet said. “The attack against the dam is just the tip of the iceberg.”  Many sections of the industrial sector are rampant with vulnerabilities due to the older systems, nonexistence of security patching and an apparent lack of concern for systems such as these.

Our Analysis

Until we start to protect the infrastructure we have that right now, can be attacked with relative ease.  What methods the Iranians were using wasn’t released but it was reported that they were not sophisticated.  When will infrastructure hardening be taken seriously? The statistics are alarming per Govtech:

  • 53% of respondents have seen an increase in cyberattacks against critical infrastructure over the past year.

– 76% said cyberattacks were getting more sophisticated.

– Destructive hacking was way up, with 44% of respondents reporting attempts to delete or destroy data.

– 54% of respondents said attackers had tried to “manipulate equipment” through an industrial control system (ICS).

– 44% of survey respondents said attackers tried to destroy information.

– 40% had attempted to shut down computer networks altogether.

Other APS Posts

Spear Phishermen Target Corporate W-2 Data
Google Fixes Kernel Vulnerability
4 Things to Know About Ransomware
Ransomware Hits Mac Computers
IRS Targeted in Another Cyberattack

Thanks for stopping by and reading our blog. We would appreciate if you could subscribe (assuming you like what you read; we think you will). This is meant to be informative and to provide value to anyone who reads this – regardless of their knowledge and/or understanding of IT/Cybersecurity. To learn more about us, check out our “About Us” page.

Be sure to subscribe to this blog and to our Podcast.

If you have ANY Cybersecurity needs, please contact us and a member of our staff with promptly reply to your question or concern.


Trend Micro Infrastructure Security

Enter your email address:

Delivered by FeedBurner

Subscribe to our mailing list

* indicates required


About Matthew Eliason

Matthew Eliason was born in Houston, Texas.  Upon graduating from high school, he joined the Navy.  His first tour was as an Information Systems Technician of a 130 client DOD network where he developed the documentation and maintenance procedures from 2007-2012.  In 2012, he transferred shore duty where he serves as a system and security administrator. He graduates with a Bachelor’s of Science in Information Technology from American Military University in November of 2015. He holds the CompTIA Security+ certification and has extensive experience in DOD Information Assurance (IA) and Cyber Security compliance and procedures.  He enjoys golf, hiking, watching football in his spare time.