The last four decades have seen all sorts of twists and turns to the contentious relationship between the United States and Iran. The period began with the taking of American hostages in the late 1970s, took a new and scary turn around the turn of the century with the revelation that Iran was trying to develop nuclear weapons, and has featured harsh rhetoric, threats and sanctions throughout.
A new and startling chapter was opened in March, when the U.S. government announced the indictment of seven Iranian hackers for historically severe cyberattacks against American financial institutions and the control system for a dam in suburban New York City. What made the story so startling is that the Department of Justice charges that the hackers were working “on behalf of the Iranian government.”
The Iranian Financial Cyberattacks
The systematic series of hacks came in the form of DDoS (distributed denial of service) attacks between late 2011 and the middle of 2013, and were directed at 46 different American financial companies including some of the nation’s largest and most important: the New York Stock Exchange, NASDAQ, Capital One and Bank of America.
These were sophisticated attacks, conducted at levels considered historic five years ago. The size of the DDoS forays against the financial institutions’ computer systems reached as high as 100 Gbps (gigabits per second), which is only one-fifth the size of the most recent DDoS attack recorded but is believed to have been the largest recorded at the time. According to Psychz Networks, a provider of DDoS protection, the attack would be easily mitigated today because of advances in the field of DDoS protection; the company says it is now capable of mitigating attacks of up to 500 Gbps. The attacks made the computer systems inaccessible to clients for long periods of time and cost the companies an estimated tens of millions of dollars in cyberdefense costs.
The Dam Incident
One of the Iranians was also able to hack into the computer control system for a dam in Westchester County, on Blind Brook just outside New York City, in 2013. He was able to monitor all sorts of information on flow rates and water pressure, and theoretically would have been able to open a sluice gate to increase or stop water flow into the brook if it hadn’t been off-line for maintenance at the time.
The indictment doesn’t specify what the hacker’s intent might have been, but it’s certainly ominous when an agent of a foreign government can gain control of a portion of America’s infrastructure.
The indictment for conspiracy to commit, aid and abet computer hacking charges only the seven individuals, not any Iranian military or government officials. However, it does allege that the men were working for two computer security firms, ITSec and Mersad Co., which are “sponsored” by the Iranian Islamic Revolutionary Guards Corps – an arm of Iran’s military. The indictment also states clearly that the U.S. believes the hackers were working “on behalf of the Iranian government” in conducting the attacks.
Of course, America has no way to have the suspects extradited from Iran, and it’s unlikely any of them will ever stand trial on the charges, just as the Chinese Army hackers indicted two years ago for hacking into U.S. company computers have never faced an American judge. These new charges, though, make it clear that the battlefield in America’s “cold wars” extends into cyberspace.