Iran pays millions in ransom to end massive cyberattack on banks officials say POLITICO
p
IRLeaks a group with a history of hacking Iranian companies was said to be responsible ppA massive cyberattack that hit Iran last month threatened the stability of its banking system and forced the countrys regime to agree to a ransom deal of millions of dollars people familiar with the case sayppAn Iranian firm paid at least 3 million in ransom last month to stop an anonymous group of hackers from releasing individual account data from as many as 20 domestic banks in what appears to be the worst cyberattack the country has seen according to industry analysts and western officials briefed on the matterppA group known as IRLeaks which has a history of hacking Iranian companies was likely behind the breach the officials said The hackers are said to have initially threatened to sell the data they collected which included the personal account and credit card data of millions of Iranians on the dark web unless they received 10 million in cryptocurrency but later settled on a smaller sum ppIrans authoritarian regime pushed for a deal fearing that word of the data theft would destabilize the countrys alreadywobbly financial system which is under intense strain amid the international sanctions the country faces the officials saidppIran never acknowledged the midAugust breach which forced banks to shut down cash machines across the country Though the attack was reported at the time by Iran International an opposition news outlet neither the suspected hackers nor the ransom demands were disclosed ppIrans supreme leader delivered a cryptic message in the wake of the attack blaming the US and Israel for spreading fear among our people without acknowledging the countrys banks were under assaultppThe enemys goal is to spread psychological warfare to push us into political and economic retreat and achieve its objectives Ayatollah Ali Khamenei saidppThat accusation seemed plausible given the broader tensions between Israel the US and Iran While Tehran blames Israel for the recent assassination of a senior Hamas leader in Iran Washington accuses Iran of trying to influence the US election by hacking into Donald Trumps campaign operationppThose tensions notwithstanding people familiar with the Iranian banking hack told POLITICO that IRLeaks is affiliated with neither the US nor Israel suggesting the attack may have been the work of freelance hackers driven primarily by financial motivesppSuch cases have become increasingly common around the world in recent years as sophisticated hackers seize private data from governments and companies and demand ransom in return for not releasing the informationppIran is no stranger to such activity In December IRLeaks claimed to have stolen the customer data of nearly two dozen Iranian insurance companies and of hacking into Snapp Food a delivery service Though the companies agreed to pay ransom to IRLeaks it was far less than the group received from the banking hack the officials saidppIRleaks entered the banks servers via a company called Tosan which provides data and other digital services to Irans financial sector the officials said Using Tosan as a Trojan horse the hackers appear to have siphoned data from both private banks and Irans central bank Of Irans 29 active credit institutions as many as 20 were hit said the officials who requested anonymity in order to reveal sensitive information ppAmong the affected banks were the Bank of Industry and Mines Mehr InterestFree Bank Post Bank of Iran Iran Zamin Bank Sarmayeh Bank IranVenezuela BiNational Bank Bank Day Banke Shahr Eghtesad Novin Bank and Saman which also has branches in Italy and GermanyppThe regime ultimately forced Tosan to pay the IRLeaks ransom a personal familiar with the events said ppWhat isnt clear is whether the hackers used Tosan to hit other targets in Iran The firm has a wide customer base including government entities beyond the central bankppIrans financial sector has long been the countrys Achilles heel ppIranian banks are undercapitalized by international standards and further burdened by loans they are forced to make to the government which counts as the sectors biggest borrower ppIn February Irans central bank chief said that eight of the countrys banks were facing severe difficulties and would either be merged or dissolvedppDespite those concerns Iranians continue to park their money in the banks and rely on them to handle their daily transactions With an inflation rate of nearly 40 percent Iranians eschew cash for the convenience of digital paymentsppEven so the banking systems overall fragility leaves individual lenders exposed to sudden bank runs That danger might explain why the regime refused to publicly acknowledge the attack and pressured Tosan to pay the hackersppThe US and German leaders leave behind a frozen conflict in Ukraine as the prospect of a Trump victory weighs on EuropeppThe Serbian leader has proved adept at balancing the West versus China and RussiappEuroskeptic Freedom Party promises to erect Fortress Austria and claims the election result entitles it to lead the countrys next governmentppMy quip on a TV show gave me an insider view of how the dominant Peoples Party exerts its influence throughout the country p
IRLeaks a group with a history of hacking Iranian companies was said to be responsible ppA massive cyberattack that hit Iran last month threatened the stability of its banking system and forced the countrys regime to agree to a ransom deal of millions of dollars people familiar with the case sayppAn Iranian firm paid at least 3 million in ransom last month to stop an anonymous group of hackers from releasing individual account data from as many as 20 domestic banks in what appears to be the worst cyberattack the country has seen according to industry analysts and western officials briefed on the matterppA group known as IRLeaks which has a history of hacking Iranian companies was likely behind the breach the officials said The hackers are said to have initially threatened to sell the data they collected which included the personal account and credit card data of millions of Iranians on the dark web unless they received 10 million in cryptocurrency but later settled on a smaller sum ppIrans authoritarian regime pushed for a deal fearing that word of the data theft would destabilize the countrys alreadywobbly financial system which is under intense strain amid the international sanctions the country faces the officials saidppIran never acknowledged the midAugust breach which forced banks to shut down cash machines across the country Though the attack was reported at the time by Iran International an opposition news outlet neither the suspected hackers nor the ransom demands were disclosed ppIrans supreme leader delivered a cryptic message in the wake of the attack blaming the US and Israel for spreading fear among our people without acknowledging the countrys banks were under assaultppThe enemys goal is to spread psychological warfare to push us into political and economic retreat and achieve its objectives Ayatollah Ali Khamenei saidppThat accusation seemed plausible given the broader tensions between Israel the US and Iran While Tehran blames Israel for the recent assassination of a senior Hamas leader in Iran Washington accuses Iran of trying to influence the US election by hacking into Donald Trumps campaign operationppThose tensions notwithstanding people familiar with the Iranian banking hack told POLITICO that IRLeaks is affiliated with neither the US nor Israel suggesting the attack may have been the work of freelance hackers driven primarily by financial motivesppSuch cases have become increasingly common around the world in recent years as sophisticated hackers seize private data from governments and companies and demand ransom in return for not releasing the informationppIran is no stranger to such activity In December IRLeaks claimed to have stolen the customer data of nearly two dozen Iranian insurance companies and of hacking into Snapp Food a delivery service Though the companies agreed to pay ransom to IRLeaks it was far less than the group received from the banking hack the officials saidppIRleaks entered the banks servers via a company called Tosan which provides data and other digital services to Irans financial sector the officials said Using Tosan as a Trojan horse the hackers appear to have siphoned data from both private banks and Irans central bank Of Irans 29 active credit institutions as many as 20 were hit said the officials who requested anonymity in order to reveal sensitive information ppAmong the affected banks were the Bank of Industry and Mines Mehr InterestFree Bank Post Bank of Iran Iran Zamin Bank Sarmayeh Bank IranVenezuela BiNational Bank Bank Day Banke Shahr Eghtesad Novin Bank and Saman which also has branches in Italy and GermanyppThe regime ultimately forced Tosan to pay the IRLeaks ransom a personal familiar with the events said ppWhat isnt clear is whether the hackers used Tosan to hit other targets in Iran The firm has a wide customer base including government entities beyond the central bankppIrans financial sector has long been the countrys Achilles heel ppIranian banks are undercapitalized by international standards and further burdened by loans they are forced to make to the government which counts as the sectors biggest borrower ppIn February Irans central bank chief said that eight of the countrys banks were facing severe difficulties and would either be merged or dissolvedppDespite those concerns Iranians continue to park their money in the banks and rely on them to handle their daily transactions With an inflation rate of nearly 40 percent Iranians eschew cash for the convenience of digital paymentsppEven so the banking systems overall fragility leaves individual lenders exposed to sudden bank runs That danger might explain why the regime refused to publicly acknowledge the attack and pressured Tosan to pay the hackersppThe US and German leaders leave behind a frozen conflict in Ukraine as the prospect of a Trump victory weighs on EuropeppThe Serbian leader has proved adept at balancing the West versus China and RussiappEuroskeptic Freedom Party promises to erect Fortress Austria and claims the election result entitles it to lead the countrys next governmentppMy quip on a TV show gave me an insider view of how the dominant Peoples Party exerts its influence throughout the country p
