An irreverent Wall Street Blog

Unsealed Iranian Indictment Is A Powerful Message, Or So They Say

March 25, 2016

 On March 24, 2016, the United States Department of Justice ("DOJ") announced the unsealing of an Indictment in the United States District Court for the Southern District of New York ("SDNY") naming seven individual defendants who allegedly served as hackers in the employ of ITSec Team and Mersad Company, which were computer security companies working on behalf of the Iranian government (including the Islamic Revolutionary Guard Corps). United States of America v. Ahmad Fathi, Hamid Firoozi, Amin Shokohi, Sadegh Ahmadzadegan, a/k/a/ "Nitr0jen26,"; Omid Ghaffarinia, a/k/a "PLuS," Sina Keissar, and Nader Saedi, a/k/a "Turk Server" (Indictment, SDNY, 16-CR-48, March 23, 2016).

SIDE BAR: READ the FULL -TEXT Indictment, posted online at BrokeAndBroker.com. The synopses in the press do not do this document justice. It is an unsettling and scary reminder of how vulnerable we are in the cyberworld. The fact remains that it's not that difficult for someone with a will to find a way to defeat the best attempts to erect an online wall between the good guys and the bad guys -- which raises yet another provocative question as to how we discern the good from the bad these days.

Case In Point

Defendants Fathi; Firoozi; and Shokohi are allocated to a grouping called "ITSec Team" and Defendants Ahmadzadegan, Ghaffarinnia; Keissar; and Saedi, to a grouping called "Mersad". The Indictment asserts two counts of Conspiracy to Commit Computer Hacking (one each for the ITSec Team and Mersad groups of Defendants) and one count of Unauthorized Access to a Protected Computer (Defendant Firoozi).

NOTE: An Indictment merely contains allegations and defendants are presumed innocent unless and until convicted in a court of law beyond a reasonable doubt.

Financial Industry Cyberattacks

The Indictment charges that between 2011 and mid-2013, the Defendants conspired among themselves and with others to engage in Distributed Denial of Service ("DD0S") cyberattacks against the United States financial industry. As set forth in Paragraph 8 of the Indictment:

8. After they began in approximately December 2011, the U.S. Financial Industry DDoS Attacks occurred on a sporadic basis until September 2012, when they escalated in frequency and occurred on a near-weekly basis and typically between Tuesdays and Thursdays during normal business hours in the United States, through in or about May 2013. During the course of this coordinated campaign, victims' computer servers were hit with as much as approximately 140 Gigabits of data per second which, depending on the victim institution was up to as much as three times the entire operating capacity of a victim institution's servers. The U.S. Financial Industry DDoS Attacks impacted, at a minimum, approximately 46 major financial institutions and other financial-sector corporations in the United States over a total of at least approximately 176 days of DDoS attacks. On certain days during these attacks, hundreds of thousands of customers were unable to access their bank accounts online. As a result of these attacks, those victim institutions incurred tens of millions of dollars I remediation costs as they worked to mitigate and neutralize the attacks on their computer servers.

Opening the Floodgates?

In addition to the attacks against the financial institutions, the Indictment alleges that during August and September 2013, Defendant Firoozi illegally obtained access to the supervisory control and data acquisition system of the Bowman Dam in Rye, New York. Although the dam was undergoing maintenance and offline from the data acquisition system at the time of the intrusion, Defendant Firoozi allegedly would have otherwise had the ability to control water levels and flow rates, thus posing a danger to the public's health and safety.

Prison Time

Each count of Conspiracy to Commit Computer Hacking carries a maximum sentence of 10 years in prison.  The sole count of Unauthorized Access to a Protected Computer carries a maximum sentence of 5 years in prison.

Powerful Message?

In commenting on the Indictment, Attorney General Loretta Lynch noted, among other points:

In unsealing this indictment, the Department of Justice is sending a powerful message: that we will not allow any individual, group, or nation to sabotage American financial institutions or undermine the integrity of fair competition in the operation of the free market.  Through the work of our National Security Division, the FBI, and U.S. Attorney's Offices around the country, we will continue to pursue national security cyber threats through the use of all available tools, including public criminal charges. And as today's unsealing makes clear, individuals who engage in computer hacking will be exposed for their criminal conduct and sought for apprehension and prosecution in an American court of law.

"Attorney General Loretta E. Lynch Delivers Remarks at Press Conference Announcing Seven Iranians Charged for Conducting Cyber Attacks against U.S. Financial Sector" (DOJ Press Release, March 24, 2016).

Bill Singer's Comment

I guess the Attorney General and I have a different sense of what constitutes a "powerful message." Frankly, I'm still awaiting the powerful message from DOJ in the form of many Indictments naming the individual men and women at the too-big-to-fail-banks and other marketplace participants for their role in the mortgage fraud and financial shenanigans that sabotaged and undermined our economy in the form of the Great Recession. Now wouldn't that be one helluva powerful message!

Taking her at her words, Attorney General Lynch asserts that the United States government has demonstrated we will not allow any individual, group, or nation to sabotage American financial institutions or undermine the integrity of fair competition in the operation of the free market. Please correct me if I am misstating the case here but doesn't the very existence of the Indictment prove the opposite?  Given the cyberattackers apparent successes, didn't they demonstrate that the USA does not prevent the sabotage of our financial institutions and the undermining of the markets's integrity? Isn't the unsealing of the Indictment and the attendant press conference hoopla all little more than reading toe tags in the morgue and arguing that such a post-mortem exercise is a pre-emptive measure to prevent murder?

Then there is the Attorney General's contention individuals who engage in computer hacking will be exposed for their criminal conduct and sought for apprehension and prosecution in an American court of law. Okay, sure, the Indictment exposed the Defendants. Great. You get your brownie points for that. On the other hand, what are we to make of the fact that the Defendants are being sought for apprehension and prosecution in an American court of law? "Sought" as in not currently under arrest, not currently in the process of extradition from Iran to the USA, not currently in jail, not currently arraigned.

Perhaps the Attorney General is mindful of her boss's January 17, 2016, remarks about the great diplomatic achievement of the so-called Iran nuclear deal:

THE PRESIDENT:  This is a good day, because, once again, we're seeing what's possible with strong American diplomacy.  

[F]or decades, our differences with Iran meant that our governments almost never spoke to each other.  Ultimately, that did not advance America's interests . . .

We've seen the results.  Under the nuclear deal that we, our allies and partners reached with Iran last year, Iran will not get its hands on a nuclear bomb.  The region, the United States, and the world will be more secure.  As I've said many times, the nuclear deal was never intended to resolve all of our differences with Iran.  But still, engaging directly with the Iranian government on a sustained basis, for the first time in decades, has created a unique opportunity -- a window -- to try to resolve important issues.  And today, I can report progress on a number of fronts.

. . .

Now that Iran's actions have been verified, it can begin to receive relief from certain nuclear sanctions and gain access to its own money that had been frozen.  And perhaps most important of all, we've achieved this historic progress through diplomacy, without resorting to another war in the Middle East.

. . .

Of course, even as we implement the nuclear deal and welcome our Americans home, we recognize that there remain profound differences between the United States and Iran.  We remain steadfast in opposing Iran's destabilizing behavior elsewhere, including its threats against Israel and our Gulf partners, and its support for violent proxies in places like Syria and Yemen.  We still have sanctions on Iran for its violations of human rights, for its support of terrorism, and for its ballistic missile program.  And we will continue to enforce these sanctions, vigorously.  Iran's recent missile test, for example, was a violation of its international obligations.  And as a result, the United States is imposing sanctions on individuals and companies working to advance Iran's ballistic missile program.  And we are going to remain vigilant about it.  We're not going to waver in the defense of our security or that of our allies and partners.    

But I do want to once again speak directly to the Iranian people.  Yours is a great civilization, with a vibrant culture that has so much to contribute to the world -- in commerce, and in science and the arts.  For decades, your government's threats and actions to destabilize your region have isolated Iran from much of the world.  And now our governments are talking with one another.  Following the nuclear deal, you -- especially young Iranians -- have the opportunity to begin building new ties with the world.  We have a rare chance to pursue a new path -- a different, better future that delivers progress for both our peoples and the wider world.  That's the opportunity before the Iranian people.  We need to take advantage of that . . .

"Statement by the President on Iran" (Press Release, The White House Office of the Press Secretary, January 17, 2016)

Given that the Indictment alleges that the cyberattacks took place in 2011, 2012, and 2013, I'm guessing that the US government knew about some of the criminal activity while negotiating that nuclear deal with Iran. It would be difficult to imagine that the "sealed" version of the Indictment wasn't either in a final draft form or signed off on by the Grand Jury when President Obama announced the historic deal with Iran on January 17, 2016.  All of which leads us to the Attorney General's assertion that the Indictment has essentially made it clear that individuals who engage in computer hacking will be exposed for their criminal conduct and sought for apprehension and prosecution in an American court of law. Okay, sure, I'll give her some of that but given that the Defendants are still being "sought" for apprehension and prosecution, that strongly suggests that they have not yet been apprehended. 

According to President Obama's January 17, 2016, speech, that was a "good day" for American diplomacy because we reached a nuclear deal with Iran and, as a result, "for the first time in decades, has created a unique opportunity -- a window -- to try to resolve important issues." Maybe the Attorney General can open that window and then lean through it and ask our Iranian pals if they will extradite the 7 Iranian criminal defendants back to the USA? 

As President Obama noted, "We still have sanctions on Iran for its violations of human rights, for its support of terrorism, and for its ballistic missile program." And it's not like our position on those violations is questionable because, after all, the President assured us that "we are going to remain vigilant about it.  We're not going to waver in the defense of our security or that of our allies and partners." 

Those are wonderful words of assurance and I hope that the Attorney General heeds them during her next meeting with her boss at the White House or, if his schedule is busy, maybe she could just telephone him. Seems to me that we could threaten to impose or re-impose sanctions upon Iran if the government doesn't extradite the Defendants. Wow, now that's a brilliant idea! I'm sure that all we need to do is email the Iranian government and they will put those folks on the next plane bound for our shores.  Just that simple. Sure it is. After all, as the President noted:

[O]ur governments are talking with one another.  Following the nuclear deal, you -- especially young Iranians -- have the opportunity to begin building new ties with the world.  We have a rare chance to pursue a new path -- a different, better future that delivers progress for both our peoples and the wider world.  That's the opportunity before the Iranian people. We need to take advantage of that . . .

On behalf of all my fellow Americans, I'd like to reiterate our President's lofty words and remind all my new young Iranian friends that by sending us the 7 defendants, you can build new ties with the world and embark upon a new path to a better future. This extradition is one hell of an opportunity for you Iranian youngsters. You should take advantage of it. We'd really like to apprehend and prosecute those folks. I'm not suggesting that the Indictment is a hollow gesture and public relations ploy because, after all, it's got lots of facts and names and dates in it and someone went to a lot of trouble to print it out and get it sealed and then unsealed. As such, you Iranian youth don't want to be fooling around in the face of such a powerful message, do you?

Permalink

Search BrokeAndBroker

Related Topics

Previous Entries

No Headlines Found

Tag Cloud

Bill Singer BrokeAndBroker FINRA Arbitration AWC SEC BrokerAndBroker Expungement Guest Blog Guest Blogger Aegis Frumento OBA Wells Fargo U5 BrokeAndBroker CRD InSecurities OHO Email Morgan Stanley Defamation U4 NAC ALJ Merrill Lynch BrokerCheck PST Supervision Whistleblower Statutory Disqualification Securities Industry Commentator Rule 3270 Suitability DOJ SDNY Promissory Note Rule 2080 Elderly Rule 2010 Willful WSP OIP Form U4 Wire Fraud Pro Se Rule 8210 EFL UBS Expenses RIA Form U5 Dodd Frank Stephen Kohn Business Expenses TRO Discretion Rule 1122 Bar Willfulness IRS Bank JP Morgan Fraud Discovery Wife Trump Ameriprise Husband NASD Bill SInger FAA Rule 3240 Borrowing Small Firm Conversion Supreme Court Rule 3280 Crypto Edward Jones Margin Wrongful Termination IRA Raymond James CCO Insurance 2Cir Estate Frumento Corrective Action Statement Outside Business Activities Stay Rule 12206 Mail Fraud Schwab arbitration Punitive Damages Tax LPL Promissory Notes Customer Bankruptcy Beneficiary Explained Decision TD Ameritrade Felony COVID Remand Citigroup Motion to Dismiss Options BrokeAndBroker.com Commissions Settlement Trust Case In Point OWB Injunction CFTC ACQ Board DCCir Rule 4511 OTR Initial Decision Retaliation Blockchain Sanctions Rule 3040 Tax Liens Ponzi Rule 2510 Wall Street Motion to Vacate Burris Due Diligence Forgery Spouses 9Cir Rule 4530 Discrimination Jurisdiction Eligibility Rule Unauthorized Discretion Reg SP Personal Expenses Unsuitability Offer of Settlement Rule 12200 Solicitation Outside Business Activity FBI Mandatory Arbitration SRO Insider Trading Bank of America Rule 3010 Compliance Failure to Supervise Checks NYSE Barclays Annuities Manifest Disregard ETF CRS Goldman Sachs Private Securities Transaction Divorce Disgorgement Loan Dissent FINRA Board Rule 3110 10Cir Class Action Cease And Desist PCAOB Fiduciary Conspiracy email Trustee Board of Governors Impersonation Power of Attorney Reimbursement Rule 9552 Credit Card IAR expungement VA Broker Protocol Unfair Competition Spoofing Spouse Cryptocurrency Customer Complaint Liens AML Zipper Emails Annuity Away Account T&P Tax Lien JPMorgan Complaint Indemnification Retirement Wey Disclosure Lucia SDFL Kokesh Due Process POA BD Breach of Contract Appeal MC-400 4Cir Lien Bitcoin Rule 12904 Willfully Coronavirus Public Interest Unauthorized Trading Postponement Racism BOP Severance REIT 3Cir Indictment Elder Abuse Securities Fraud Vacatur Fees Antitrust HFT Brummer Exhaustion of Administrative Remedies Dakota Securities Rule 12805 CMA Net Capital Test Motion to Confirm Rule 2111 Signature Covid Hilton Weiner Whistleblowers Wire Rule 3050 WSPs insecurities guest blogger guest blog aegis frumento Rule 2150 Employment Sexism Whistleblowing Statute of Limitations Marijuana PNC RR Suspension Gensler NASDAQ Deceased Widow Private Securities Transactions Examination Bureau of Prisons Money Laundering OIG BrokeAndBroker.com Blog Robinhood Stifel Nicolaus Sanction Guidelines Deutsche Bank PIABA Loans Bonus Rule 2081 Apple Stifel Signatures DNJ Non Solicitation Audit Will DOL Puts Bonds Leggett Puerto Rico Rule 13200 Preliminary Injunction Confidential Information Enforcement 11Cir Botkin Rule 4513 Misdemeanor Charles Schwab Self Regulation Great Recession OSHA Elder Fraud Mortgage TOD Absolute Immunity JPMS Margin Call Unjust Enrichment Mutual Funds CPA Membership Continuance Credit Suisse Statutory Disqualification Committee Hacking Registration Commission Unsuitable Small Firm Governor NoCA Website Rationale Diversity 1Cir supervision NDCA TheBlot Exam Pennystocks Standing Appointments Clause Arbitraiton Undisclosed Settlement ADA JPM Test Center Passcode BrokeAndbroker Inability to Pay RBC money laundering Mother IPO Finra Election Away Accounts Scottrade Immunity Rule 2210 Testimony Real Estate Robert Cook Annual Compliance Questionnaire AAA TCR Feigenbaum Spoliation Cannabis Statement of Corrective Action WB-APP Rule 13805 Waiver 6Cir Trade Secrets Written Supervisory Procedures 9/11 securities industry commentator State Actor E*Trade Rule 12504 Concentration Reg S-P Bandimere BrokeandBroker Extraordinary Cooperation Rule 9554 CEO Excessive Trading Sexist Affiliate Variable Annuities Michael King Biden Variable Annuity Hurry Sarbanes Oxley Form ADV brokeandbroker FINOP Compensation Imposter Michael King Associates Tortious Interference Solicited Irreparable Harm Restitution Johnny Burris Newman Superior Court FMLA Unsolicited DMD NRF Wachovia Facebook Star Wars Series 7 Medical Condition BrokeAndBroker Bill Singer FINRA Small Firm Rule 12212 Termination Fidelity Hester Peirce DDC Churning Conflict of Interest EDNY Ethereum Administrative Remedies Circuit Court Taxes Confidentiality Trading Platform Customer Information Non-Solicitation Subpoena Default Motion to Compel Sharemaster Financial Professionals Coalition Beneficiaries Research Sexual Discrimination ICO Talman Harris High Frequency Trading Pennystock Self Reporting Constitution Continuing Education Life Insurance Scottsdale 10b-5 Customers McDuff Self Directed PAQ Kon Social Media Marines Vietnam Marine Corps Honorarium Whitman Relevant Disciplinary History Consent Order Ride the Thunder Employment Agreement VIX IM Mutual Fund Service Hugh Hewitt Funds Rule 3030 Wanger Extraordinary Circumstances Stipulated Award Internet Rule 3310 Flash Crash Boycott Saad RMBS Hearing Sexual Harassment Government Accountability Project Information NSF SunTrust Cheating Check Kiting Guitron Obstruction RICO Lawyers Debit Card Wedbush Yesenia Guitron Testing ATM 5Cir Probate Respondeat Superior Privilege FNMA FINRA AWC Private Placement Dementia Scholander Interactive Brokers FOCUS Layering Nondisclosure Annual Audit Falsification 17a-5 Check JP Morgan Securities Guest Bloggers EEOC Lawyer Morgan Stanely Federal Reserve Chevron Son Revocation Capital Gains securities fraud Conflict SP Pension Prudential Oral Discretion Shah Gilani Slander Charity Penalty OWWP Hedge Fund Confirm Disciplinary History wire fraud Attorneys Fees WBAPP GameStop mail fraud Amazon Client Information Gamification Regulation SP Outside Counsel Fiduciary Duty Rory Flynn Acosta DCO Rule 1210 Blackbook Forex Executor Relevant Transamerica Liquidation NY Life Res Judicata Offset Puerto Rico Bonds Permanent Bar ARS Form TCR CDO SD FCI Rule 13504 Death Peirce ACH Joint Account Over Concentration WhatsApp Tesla FCI Beaumont FAP Zoom Texting Newport Coast Securities LLC Jennifer Tarr Obstruction of Justice Christian Stanley Rule 21F Arbitration Civil Rights Unauthorized Practice of Law Taft Correctional Institution Cold Spring Advisory Group Reverse Life Insurance Lehman Third Party Vendor Deferred Compensation Bear Stearns Oppenheimer Rule 13104 MSSB Elder Law 40 Act Withdrawals Rule 2430 Expert Witness Leveraged ETF Google OCIE Crime Embezzlement Control Person Non Solicit Securities America Libel Pruco Time And Price Commodities Fraud Verbal Discretion For Cause Book of Business First Amendment fraud NYG Capital Turnover EDPA bill singer Counterclaim Subject Matter Jurisdiction Tennis Court Mistake Trade Practices Oilpro Charge Rule 13904 Rule 12104 Calls Cantor Fitzgerald Allocation Compliance Questionnaire Trading Jay Clayton Retired Woman With Cane 10b-10 Constructive Discharge Rule 3210 Johnson Purshe Kaplan DAO Powell wrongful termination AWC. FINRA FINRA Arbitration Teleconference Finder\'s Fee Rule 12203 Hotel Jarkesy Nationwide ESOP Kierkegaard Motion Reason for Termination LIBOR AXA YouTube Administrative Process SDOH Non-Disclosure ESG CE Fernandez Trader Tax Advice Pham Panama Telephone Vungarala Cherry Picking Expulsion Lorenzo Nicolas Corcione Fundacion Nicor Ten Commandments Credit Cards SDCA Retroactive Bar Collateral Bar Municipal Advisor Fine Financial Disclosure Retroactive Pershing GME FNI Media sexism NRSRO DRS NFT Section 1332 Exception Reports Schottenstein Bartko FINRA Foundation Negligence Private Placements ALJ Grimes Third Party Beneficiary Transparency JOBS Act Last Known Address QuadrigaCX Mantar GAP Rule 21F-17 In House Counsel CD NYAG Communications Undertaking expenses Promoter SLUSA Accounting JAMS In Connection With Deceased Customer MAP reimbursement TSSB HSBC false statements AMC Rule 13206 Reg SHO DMCA Gross Ruder Task Force Confidential Audit Committee Sharing Agreement Books and Records Kiting Rule 144 VXX Corporate Governance Motion to Compel Arbitration Back Dated Equity ACT! Tysk Altered Apartment Particularity Declaratory Judgment Rule 13212 Lek Rule 13201 Ethics Court of Appeal Orders Daspin Rule 2140 APA Title VII Motion to Exclude Section 206 PSRO Joint Production Discharge Exception Report Salman Stephen A. Kohn Self Regulatory Organization Investment Advisers Act Kent Transitional Bonus UIT MSPB Ruemmler Production Bonus Burden of Proof Notice Alcoholism Jury Instructions Harris finra Confirmation NPI Sterne Agee ALJ Foelak NMS Covid-19 Shotgun Pleading Risk Romer Article V Motiion to Acquit Fraudulent Inducement Grievance LOA annuities Wires Crowdfunding Hacker Confidential Customer Information defamation Rule 12511 Bob Dylan Data Meals Office of Special Counsel Escrow Clearing Firm Bill singer Unauthorized Trades Stipulation Reasonable SIFMA S&P Microcap elderly Motion to Postpone Electronic Communications Fidelity Brokerage Services Public Arbitrator Dostoevsky Bezos Municipal Bonds Berthel Fisher ETFs Expert EDVA FOREX Currency CNBC Income Capitalism No Show Series 79 Guardian Punitive Cryptocurrencies PN Exotic ETF Clayton Lexicon Reg D Ecuador Production Hayden Newbridge MDLA Daughter Witness Tampering JPMorgan Chase NYLIFE Non-Solicit Rule 420 Voya Principal Quasi Governmental Exemption Non Compete College Solomon Day Trading Disability Regulation Elon Musk Restaurant Private Actor Disparate Treatment Abstention AI Chief Compliance Officer Willfull Nietzsche Bequest Rule 2330 Rule 9216 Unregistered Fee Conflicts Rule 1031 Game of Thrones whistleblower Initials Perjury Investment Adviser Howey Harassment Vaccarelli Led Zeppelin Broke And Broker Judgments Traders Exhaustion Doctrine SIE Success Fee TradeStation ADR