Skip to main content

Attorney General Loretta E. Lynch Delivers Remarks at Press Conference Announcing Seven Iranians Charged for Conducting Cyber Attacks against U.S. Financial Sector


Washington, DC
United States

Good morning, and thank you all for being here.  At the forefront of all our minds continues to be the terrible events that took place in Brussels on Monday, and I want to take a moment before we begin to reiterate that the Obama Administration and the American people stand with the people of Belgium, with Europe, and with the world in condemning these appalling attacks.  Our thoughts and prayers are with the victims and their loved ones.  The Department of Justice is in constant communication with our counterparts in Belgium, and we are committed to providing any and all assistance as we move forward together with unity and strength.  I also want to make clear that while we have received no specific and credible threat to the United States, we will continue to remain vigilant in order to ensure that we can keep the American people safe from harm.

I am joined today by FBI Director [James] Comey, U.S. Attorney for the Southern District of New York [Preet] Bharara, and Assistant Attorney General for National Security [John] Carlin.  We are here to announce a major law enforcement action as part of our ongoing efforts to disrupt cyber threats and protect our national security. 

Today, we have unsealed an indictment against seven alleged experienced hackers employed by computer security companies working on behalf of the Iranian government, including the Islamic Revolutionary Guard Corps.  A federal grand jury in Manhattan found that these seven individuals conspired together, and with others, to conduct a series of cyberattacks against civilian targets in the United States financial industry that, in all, cost victims tens of millions of dollars. 

Between late 2011 and mid-2013, the U.S. financial sector suffered a large-scale and coordinated campaign of distributed denial of service, or DDoS, attacks – a particular kind of cyberattack in which multiple compromised sources are used to target and overwhelm a single system.  Through these attacks, the servers of 46 financial institutions were flooded with traffic over the course of 176 days – and as a result, online services were disrupted and hundreds of thousands of Americans were unable to access bank accounts online.  The attacks were relentless, systematic, and widespread.  They threatened our economic well-being and our ability to compete fairly in the global marketplace – both of which are directly linked to our national security.  And we believe that they were conducted with the sole purpose of undermining the targeted companies and damaging the online operation of America’s free market. 

In addition to the actions we have detailed, one of the defendants is also charged with illegally obtaining access to the supervisory control and data acquisition system of the Bowman Dam in Rye, New York.  At the time of his alleged intrusion, the dam was undergoing maintenance and had been disconnected from the system.  But for that fact, that access would have given him the ability to control water levels and flow rates – an outcome that could have posed a clear danger to the public health and safety of Americans.  I would like to thank the Department of Homeland Security and the city of Rye, New York, for their assistance in managing this incident.

In unsealing this indictment, the Department of Justice is sending a powerful message: that we will not allow any individual, group, or nation to sabotage American financial institutions or undermine the integrity of fair competition in the operation of the free market.  Through the work of our National Security Division, the FBI, and U.S. Attorney’s Offices around the country, we will continue to pursue national security cyber threats through the use of all available tools, including public criminal charges.  And as today’s unsealing makes clear, individuals who engage in computer hacking will be exposed for their criminal conduct and sought for apprehension and prosecution in an American court of law. 

This case is a reminder of the seriousness of cyber threats to our national security – and these public criminal charges represent a groundbreaking step forward in addressing that threat.  We will continue to use every tool at our disposal to investigate malicious cyber actors so that we can attribute their actions – down to the country, government agency, organization, and individuals involved – and charge them publicly.

I’d like to thank all those who worked diligently to bring the investigation to this point, including the targeted private companies and others who were integral partners throughout this investigation.  This case highlights the significance of what we can accomplish – holding actors accountable and protecting the American people – by working together. 

At this time, I’d like to introduce Director [James] Comey, who will provide additional details on today’s announcement.

National Security
Updated September 28, 2016