Hackers called growing threat to defense industry
MONTPELIER, Vt. — On an October morning in 2012, the system administrator of a tiny Vermont defense contractor arrived at work to find the business’ computers had been hacked and a sophisticated software program stolen. Prosecutors later concluded the thieves were a group of Iranians who sold the software to organizations within the Iranian government.
The hack, revealed in an indictment unsealed last week, shows that mercenary hackers who sell stolen data to friendly governments are a growing threat to defense contractors, experts say.
“They are essentially nonsanctioned espionage groups,” said Brian Wallace, the lead security data scientist for the Irvine, Calif.-based company computer security company Cylance. “The government doesn’t create them, they don’t own them. They operate and get almost of their income from the government.”
The South Burlington company, Arrow Tech Associates, makes software used to monitor projectiles in flight.
Arrow Tech president Charles Hillman said the firm was able to track the hackers’ every keystroke, which helped the FBI trace the intrusion to three Iranians.
Iranian officials in Washington referred an emailed question on the issue from the Associated Press to “the pertinent department.” There was no further reply.
The eight-count indictment released last week alleged that from at least 2007 through 2013 the three men broke into computers in “Vermont and elsewhere.” It said the group also stole software from an unidentified Western aerospace company in July 2012.
Arrest warrants were issued for two of the men: Mohammed Reza Rezakhah, 39, and Mohammed Saeed Ajily, 35.