x
Breaking News
More () »

Amid threats of revenge, Atlanta knows Iran's cyber capabilities all too well

Two Iranian nationals are accused of hacking the city of Atlanta.

ATLANTA — Iran has vowed "forceful revenge" in the wake of an airstrike that killed Qassem Soleimani, a major general in the Iranian Islamic Revolutionary Guard, at Baghdad International Airport on Thursday.

So, the top cybersecurity official in the United States is warning Americans about Iranian hackers. In a tweet, Christopher Krebs, director of the U.S. Cybersecurity and Infrastructure Security Agency (CISA), repeated a warning about Iranian cyberattacks from earlier in the year.

"Bottom line: time to brush up on Iranian TTPs and pay close attention to your critical systems, particularly ICS," he wrote. "Make sure you're also watching third party accesses!"

Meanwhile, the organization he heads up has warnings of its own.

"Iranian regime actors and proxies are increasingly using destructive 'wiper' attacks, looking to do much more than just steal data and money," the CISA said in a statement.

Atlanta residents don't have to look far to see what an Iranian cyberattack would look like. In March of 2018, a hack brought Atlanta to a standstill.

Many of the city's important departments were hampered for weeks. The city spent millions repairing the damage. The Justice Department later indicted two Iranian nationals, Faramarz Shahi Savandi and Mohammad Mehdi Shah Mansouri, for the attack.

The pair, according to federal indictments, created the SamSam ransomware. Targeting cities, hospitals and public entities, the group caused more than $30 million worth of damage, according to federal officials.

Kennesaw State University cybersecurity professor Andrew Green said the SamSam attack wasn't sophisticated, but instead, relied on vulnerabilities in the system.

"If one system gets compromised and their password was gained there, then the hackers will repeat and try using that password," he said. "Then, it becomes a fairly trivial matter for an experienced cybercriminal to get into these networks."

Because Mansouri and Savandi live in Iran, it is likely they'll never be prosecuted for the hacks.

MORE HEADLINES

Twin sisters confess to brutal murder of mother

Sophie Speaks: How a Georgia mother allowed her boyfriend to impregnate her 10-year-old

A teacher is out of a job over what she wrote on the board

Before You Leave, Check This Out