Iranians behind San Diego port ransomware attack
Two Iranian computer hackers were charged Wednesday in connection with a multimillion-dollar cybercrime and extortion scheme that targeted government agencies, cities and businesses, including the port of San Diego.
Faramarz Shahi Savandi, 34, and Mohammad Mehdi Shah Mansouri, 27, are accused by the Justice Department of creating ransomware known as SamSam that encrypted data on the computers of more than 200 victims, starting in January 2016, demanding a ransom in bitcoin to get their data back.
The Justice Department stressed that the hackers were not connected to the Iranian government. The two men made about $6m from the attacks and caused the victims of the scheme to lose more than $30m.
In late September this year, the Port of San Diego revealed it had been hit by a cyber attack, affecting more than 500 workers. The port mobilised a team of industry experts and local, regional, state and federal partners to fix the issue.
“SamSam ransomware is a dangerous escalation of cybercrime,” said Craig Carpenito, the US attorney for New Jersey, where Wednesday’s indictment was unsealed. “This is a new type of cybercriminal. Money is not their sole objective. They are seeking to harm our institutions and our critical infrastructure.”