REUTERS - The Obama administration is planning to publicly blame Iranian hackers for a 2013 cyber attack against a small dam in New York state, three sources familiar with the matter told Reuters.
- Probe Into Iran Cyberattack Stalls Over Fears of Confirming U.S.-Israel Role
- Iranian Hack Reveals Weaknesses in U.S. Cybersecurity
- Israelis Charged in U.S. for 'Breathtaking' Hacking Heist
The Justice Department has prepared an indictment against the hackers, two of the sources said, and a public announcement could come as soon as next week.
U.S. officials believe the hackers gained access only to some back office systems, not the operational system of the Bowman Avenue Dam, a flood control system around 30 miles (50 km) north of New York City. The attack was not considered sophisticated, the sources said.
A Justice Department spokesman said he had no comment. CNN first reported news of the planned indictment.
Asked about the report at a news briefing, State Department spokesman Mark Toner said: "We obviously take seriously all such malicious activity in cyberspace. We are going to continue to use all the tools at our disposal to prevent, deter, detect, counter, and mitigate that kind of activity."
The Obama administration has grown increasingly concerned about the threat of foreign nation-state hacks on U.S. infrastructure - a worry that has grown since U.S. officials said a cyber attack was the cause of a December blackout in the Ukraine that affected nearly a quarter-million customers.
The Justice Department similarly charged five Chinese military hackers in 2014 for hacking into the networks of several U.S. businesses in order to steal trade secrets.
Larger facilities also present the same types of vulnerabilities that could be exploited in similar ways by hackers using tools that can easily be obtained on either the open Internet or closed underground criminal forums, said Steve Grobman, chief technology officer of Intel Corp's security division.
"We shouldn't look at the size of the particular body of water, dam or power distribution facility," Grobman said. "This is as a good example of how critical infrastructure is vulnerable to various actors."