The US Justice Department charged Wednesday three more Iranian citizens with cyberattacks that targeted power companies, local governments and small businesses and nonprofits.
According to the prosecutors, the suspects targeted hundreds of victims in the US and other countries, encrypting and stealing data from victims’ networks and threatening to release it unless exorbitant ransom payments were made. In some cases, the victims made those payments.
A senior Justice Department official said that the hackers are not believed to have been working on behalf of the Iranian government but instead for their own financial gain, and some of the victims were even in Iran.
The case was filed in federal court in New Jersey, where a municipality in Union County was hacked last year. One of the victims was a domestic violence shelter in Pennsylvania, which – according to the indictment -- was extorted out of $13,000 to recover its hacked data.
In the latest actions as part of the US government’s response to the malicious cyber activities by Iranian actors, the Department of the Treasury’s Office of Foreign Assets Control (OFAC) also sanctioned ten individuals and two entities Wednesday for their roles in malicious cyber acts, including ransomware activity.
The OFAC said all the individuals and entities designated Wednesday are affiliated with Iran’s Revolutionary Guard (IRGC).
Under Secretary of the Treasury for Terrorism and Financial Intelligence Brian E. Nelson said, “We will continue to take coordination action with our global partners to combat and deter ransomware threats, including those associated with the IRGC.”