Iranian hackers charged in scheme that hit NC, other states
Two Iranian hackers charged Wednesday in a federal indictment were accused of attacking the computer networks of hospitals and other targets in 43 states, a broad criminal extortion campaign that walloped a heart hospital in Kansas and disrupted one of the nation’s largest diagnostic blood testing companies in North Carolina.
Federal prosecutors said the three-year cybercrime spree caused tens of millions of dollars in damage from coast to coast. It marked the first U.S. indictment against foreign hackers engaged in a forprofit ransomware and extortion scheme.
The two hackers developed unique tools to hold U.S. computer networks hostage from Iran, prosecutors said. The two Iranians, Faramarz Shahi Savandi, 34, and Mohammad Mehdi Shah Mansouri, 27, remain at large, presumably in their homeland, officials said.
Assistant Attorney General Brian A. Benczkowski sidestepped a question about whether Iran’s government sponsored the two, saying only that the indictment contains no such allegation.
The three-year ransomware campaign hit at least 200 victims in the United States, collecting more than $6 million in extortion payments and causing more than $30 million in losses, Deputy Attorney General Rod J. Rosenstein said.
Ransomware is computer code that encrypts targeted systems and cripples networks until victims pay a ransom, usually in a digital currency like bitcoin.
In one of the Iranian team’s first alleged actions in 2016, it hit the computers of Kansas Heart Hospital in Wichita, which provides specialized cardiovascular care for patients.
One of the most recent attacks occurred July 14 against Laboratory Corporation of America, or LabCorp, a Burlington diagnostic company that processes more than 2.5 million tests per week and holds a patient database of nearly half the U.S. population. Its global footprint reaches 127 countries.