Faramarz Shahi Savandi and Mohammad Shah Mansouri are accused of authoring the ransomware, named SamSam, and unleashing it on more than 200 victims, including the cities of Atlanta and Newark, the port of San Diego.
(TNS) — Two Iranian men were indicted Wednesday by a federal grand jury in New Jersey in connection with a widespread computer hacking and extortion scheme that affected major computer systems across the United States and Canada, including the Colorado Department of Transportation.
The two men, who lived in Iran, launched their scheme in December 2015 to hold large computer systems hostage until owners paid a ransom to have their malicious software removed.
Colorado’s transportation department was hacked in late February, the indictment said. After gaining access to the department’s computer network, the hackers attempted to extort CDOT to de-encrypt their files. Colorado did not pay the ransom, but the attack cost the state at least $1.5 million, The Denver Post previously reported.
The agency’s computer system was shut down for days as employees fought the attack and worked to restore department data. The agency even brought in the Colorado National Guard to assist.
Faramarz Shahi Savandi, 34, and Mohammad Shah Mansouri, 27, face six counts in the indictment. They are accused of authoring the ransomware, named SamSam, and unleashing it on more than 200 victims, including the cities of Atlanta and Newark, the port of San Diego, and six health care corporations.
The two men allegedly would extort their targets by demanding that the ransoms were paid in Bitcoin, a digital currency. The men would then use Iran-based Bitcoin exchangers to convert the digital currency into rial, Iran’s monetary system.
The two allegedly collected $6 million in U.S. ransom payments and caused more than $30 million in losses to more than 200 victims, Deputy Attorney General Rod Rosenstein said in the news release.
In a statement emailed to The Denver Post, Deborah Blyth, chief information security officer for the Colorado Governor’s Office of Information Technology said, “Today’s indictment shows how seriously we take this type of criminal activity. We want to thank the FBI for their partnership and commitment to prosecuting the malicious actors who are responsible for these devastating cyber attacks.”
©2018 The Denver Post. Distributed by Tribune Content Agency, LLC.