DOJ Slaps Sanctions on Iranians Behind HBO Bitcoin Ransomware Attack
The United States Department of Justice, in coordination with the Department of Treasury, has slapped charges against one Iranian entity and ten of its nationals as a part of a broader crackdown on hackers. The press release dated March 23, 2018, reveals that the individuals had engaged in the theft of valuable intellectual property from organizations across America and elsewhere, resulting in the infringement of copyright for their financial gain.
Game of Thrones Pre-Release
The list also includes charges against Behzad Mesri, an Iranian national who is the chief suspect behind the cyber attack on the entertainment distributor, Home Box Office (HBO). The hack resulted in several leaks of HBO’s hugely popular TV series, Game of Thrones.
The hacker demanded a ransom of $6 million from the entertainment company, threatening to release parts of the series online before their scheduled global release if it was not paid.
The indictment was announced in November 2017 by Joon H Kim, who was then the acting United States Attorney for the Southern District of New York.
According to a CNN report, Behzad Mesri allegedly hacked into the internal network and computer systems of HBO. Mesri then stole exclusive content and demanded a ransom, to be paid in bitcoin, in exchange for destroying the digital files.
The reason why Mesri and most hackers demand ransom payments in bitcoin is the relative anonymity of cryptocurrencies.
He would have then transferred these funds to his bank account in Iran or broken the amount into smaller denominations and transferred it to other cryptocurrency wallet holders.
Geopolitical Implications
American agencies allege that he was sheltered behind the protection of Iranian authorities. Other claims include that he was a part of a much larger scheme to target the West with cyber attacks.
Treasury Under Secretary, Sigal Mandelker, said:
“Iran is engaged in an ongoing campaign of malicious cyber activity against the United States and our allies. The IRGC outsourced cyber intrusions to The Mabna Institute, a hacker network that infiltrated hundreds of universities to steal sensitive data.”
These cyber attacks were likely in response to the sanctions imposed by the United States government on Iran after its nuclear test.
Mesri, who operated under the pseudonym of Skote Vahshat, a member of the Mabna Institute, had previously worked with the Iranian military to conduct cyber attacks. The attacks targeted military and nuclear systems as well as Israeli defense agencies. He is also responsible for hacking and defacing several American websites.
As a result of this indictment by the American authorities, it becomes hazardous for any of the hackers to travel outside of Iran. If they are caught in a foreign land, they would most likely be extradited to America to serve prison time.
The Under Secretary made it clear that they “will not tolerate the theft of U.S. intellectual property, or intrusions into our research institutions and universities,” adding that, “The Treasury will continue to systematically use its sanction authorities to shine a light on the Iranian regime’s malicious cyber practices, and hold it accountable for criminal cyber-attacks.”
Tehran’s Foreign Ministry has categorically denied all allegations made against Iran in the wake of the cyber attacks, with its spokesperson Bahram Qasemi terming the move as “provocative, illegitimate and one that made no sense.”