The U.S. Department of Justice announced the indictment of 7 hackers associated with the Iranian government in relation to attacks on U.S. banks, financial institutions, and critical infrastructure. The indictments are related to distributed denial-of-service (DDoS) attacks on several U.S. financial entities in 2011-2013 and an attempt to control a small dam in Rye, New York. The attacks caused service disruptions and required millions of dollars in remediation and efforts to expand bandwidth for the victims. The hackers worked for two Iranian companies linked to the Iranian Revolutionary Guard Corps. The IRGC represents the most conservative and hostile elements of the Iranian government.
What is most interesting in the case is the willingness of the United States to name and shame the hackers and foreign governments. It demonstrates an increase in the diplomatic rhetoric and the willingness to disclose some of the cyber capabilities of the United States to identify hackers at a very specific level. It represents a continuation and expansion of the policy in President Obama’s Executive Order in April 2015 and hinted at by the North Korea sanctions following the Sony hack and the indictment of five Chinese military officers in 2014.
While the Iranians are not likely to appear in a U.S. courtroom anytime soon, and neither will the Chinese military officers indicted two years ago, the Obama Administration is putting more pressure on potential cyber attackers in an effort to deter future attacks. There is, of course, a risk in establishing such a precedent. The other side may resort to similar tactics against U.S. government employees and military personnel engaged in cyber operations.
Additionally, the U.S. government announced the guilty plea of Su Bin for stealing information on U.S. military aircraft at the behest of the Chinese and the indictment of three Syrian nationals for various crimes involving hacking of U.S. military social media accounts.
While only one of these cases has resulted in a conviction, the pattern is clear. The Obama Administration is ready and willing to take the cybersecurity fight to the courts.