We’re shedding some light on the news that the US Department of Justice has indicted two Iranian men for allegedly launching a massive ransomware attack against the City of Atlanta.
The attack, which occurred in March 2018, caused the city to suffer significant financial losses and disruption to its IT systems. According to the indictment, the two men, Faramarz Shahi Savandi and Mohammad Mehdi Shah Mansouri, are accused of using the SamSam ransomware to encrypt the city’s data and demand a ransom of over $50,000 in Bitcoin.
The attack caused the city to lose access to its computer systems, including those used by its police and fire departments, and resulted in the city spending over $2.6 million to restore its systems and data. The indictment also alleges that the two men used the same ransomware to attack other organizations and individuals in the US, Canada, and the UK, resulting in millions of dollars in losses.
The article also notes that the US government has previously charged Iranian individuals with cybercrime, but this is the first time that Iranians have been charged with a ransomware attack. The article concludes by noting that the US is sending a clear message that it will not tolerate malicious cyber activity, regardless of who is responsible.