DOJ charges Iranian hackers with attacks on US cities, companies

The Justice Department unsealed charges against two Iranian criminal hackers who allegedly used ransomware to hit American hospitals, universities, government agencies and the city of Atlanta (GA), causing tens of millions of dollars in damages. More than 200 victims were affected, more than $6 million in ransom was collected and damages exceeded $30 million, officials said. Ransomware encrypts data on affected systems, with an offer to decrypt if a ransom is paid. A ransomware called SamSam was used in attacks against Atlanta, the Colorado Department of Transportation and several health-care institutions. The ransomware, first identified in 2015, gained prominence after it afflicted Atlanta in March, hobbling computers in the court system, shutting down the Wi-Fi at the international airport, preventing residents from paying their water bills online, and forcing police for several days to file police reports on paper instead of electronically. This is the first time federal prosecutors are charging hackers with using ransomware with Bitcoin exchanges. Bitcoin exchanges transfer traditional currencies into Bitcoin, or Bitcoin into traditional currencies. The 25-page indictment charges that the hackers’ scheme was for their personal profit, and was not government directed.