Homeland Security Network Blog
The information source for first responders.
FBI: Iranian Men Charged with Deploying Damaging SamSam Ransomware
Federal Bureau of Investigation
Ransomware Suspects Indicted
Iranian Men Charged with Deploying Damaging SamSam Ransomware
Two Iranian men have been charged with deploying a sinister type of ransomware that crippled the operations of hospitals, municipalities, public institutions, and other critical networks in the United States and Canada, officials from the Department of Justice and the FBI announced today.
Beginning in 2015 and continuing until September 2018, SamSam ransomware infiltrated computer networks in Atlanta, Newark, and San Diego, as well as those of major health care providers, the University of Calgary, and others. Once deployed, the malware encrypted data and files. The creators then demanded payment by virtual currency to restore access to affected systems, a crime Assistant Attorney General Brian A. Benczkowski called “21st century blackmail” during a press conference today at the Department of Justice in Washington, D.C.
The toll of these cyberattacks was staggering: more than 230 entities infected, $6 million in ransom payments extorted, and an estimated $30 billion in damages to the affected public and private institutions.
“The actions highlighted today, which represent a continuing trend of cyber criminal activity emanating from Iran, were particularly threatening, as they targeted public safety institutions, including U.S. hospital systems and governmental entities,” said Amy Hess, executive assistant director of the FBI’s Criminal, Cyber, Response, and Services Branch. “As cyber threats evolve and cyber criminals develop more sophisticated techniques, so do we.”