Iranian Hackers Claim Responsbility for the Breach of a New York Dam

A hactivist group based out of Iran has claimed responsibility for a cyberattack that made headlines in recent days. One official notes that the intrusion is only the “tip of the iceberg.”

A group who call themselves SOBH Cyber Jihad have communicated the message through another hacker outfit based out of Iran, Parastoo, to claim that they’re behind the recently reported breach of a New York dam. The hacking group have also promised to release technical information to prove their claim, reports NBC News.

It’s notable that the hackers did not take any credit for the breach until it was publicly revealed by a recent report by the Wall Street Journal, which Lifars reported on here.

Claiming their silence was “for the greater good,” the hackers claimed that they did not claim responsibility for the 2013 breach due to a “state-level” reminder that warned them not to go public with the information.

Related article: Iran-Based Hackers Targeted Dam in New York

Officials in Rye, where the Bowman Avenue Dam is located, said the Department of Homeland Security (DHS) informed them of an “unauthorized access” attempt to the city’s main computer system. The report was obtained by NBC News and revealed that the intruder had in fact accessed and read sensitive files that contained usernames and passwords. The breach occurred six times in total according to the DHS report, between August 22 and September 27, 2013.

While an NBC News source close to the investigation confirms the Iranian group being involved, there was no way to confirm if the hacking group had acted on their own accord or if they were backed by the state.

Significantly, the hackers did not try to manipulate the dam over the Blind Brook. The dam, originally constructed in the 40s, has a sluice gate that was accessible by the dam’s computer systems but it never really worked, city officials said.

New York Senator Charles Schumer, a Democrat, claimed the revelation ought to be a significant wakeup call that the nation’s critical infrastructure is at risk.

This cyber attack surely serves as a bucket of ice water to the face.

There are larger dams, there are public utilities, there are nuclear power plants. We don’t know how many attacks like his have been attempted. Is it just the tip of the iceberg?