The Justice Department will unveil indictments against hackers linked to the Iranian government Thursday for infiltrating U.S. critical infrastructure, according to a person familiar with the matter.
The indictments will include charges for a 2013 cyberattack on the Bowman Avenue Dam, a small structure north of New York City, said the person, who wasn’t authorized to discuss the matter before the indictments are announced.
The dam attack didn’t disrupt services but was considered important because it showed the ability of Iranian hackers to access industrial control systems, said Leo Taddeo, a former special agent in charge of the Federal Bureau of Investigation’s special operations and cyber division in New York who investigated the incident.
"We saw what looked like a target of opportunity, perhaps through a misconfigured Internet-facing control system that was easily taken advantage of," said Taddeo, now the chief security officer for cybersecurity company Cryptzone. "Based on what we were looking at at the time, it did not appear to be a deliberate well-planned out sophisticated attempt to infiltrate critical infrastructure."
However, any infiltration of U.S. critical infrastructure is worrisome for U.S. officials. Admiral Michael Rogers, head of the National Security Agency and U.S. Cyber Command, has said publicly that hackers from other countries have penetrated vital U.S. computer networks to carry out reconnaissance -- mapping out networks and gaining knowledge that could be used to disrupt systems.
The most sophisticated and worrisome hacking adversaries are Russia, China and Iran, Rogers has said.
The indictments to be announced Thursday, which were reported earlier by the Associated Press, are part of a stepped-up effort by the Obama administration to show hackers and other countries that the U.S. will identify and punish those responsible for attacking infrastructure and companies, the person said.
On Wednesday, a Chinese man pleaded guilty to participating in a criminal hacking conspiracy to steal military technical data and send information to China. On Tuesday, three Syrian men were charged by the U.S. with launching high-profile cyberattacks on U.S. institutions.