HBO Data Theft Traced to Iranian Military Hacker

HBO Data Theft Traced to Iranian Military Hacker

Federal prosecutors announced charges Tuesday against a hacker “mercenary” affiliated with the Iranian military, saying he broke into HBO’s computer network in the summer looking to extort millions of dollars from the pay cable channel.

An indictment unsealed in New York on Tuesday said the suspect, Behzad Mesri, “had worked on behalf of the Iranian military to conduct computer network attacks that targeted military systems, nuclear software systems and Israeli infrastructure,” but the document does not allege he attacked HBO on behalf of the Iranian government.

Mesri is not in custody, and officials issued a “wanted” poster seeking help arresting him.

Using a popular line from HBO’s hit show “Game of Thrones,” acting US attorney for the Southern District of New York Joon H. Kim said: “Today, winter has come for Behzad Mesri.”

Because of the new indictment, Kim said, the suspect will not be able to leave his home country without risking arrest and extradition to the United States.

“For the rest of his life – and he’s a relatively young man in his late 20s – he will never be able to travel outside Iran,” he said.

And Kim hinted at more hacking charges to come against other Iranian hacking suspects.

“Unfortunately I suspect this will not be the last time that we charge cyber offenses against hackers with ties to the Iranian government,” he said.

According to the indictment, Mesri “was a member of an Iran-based hacking group called the Turk Black Hat security team. As a member of that group, Mesri conducted hundreds of website defacements using the online hacker pseudonym ‘Skote Vahshat’ against websites in the United States and elsewhere around the world.”

But in the HBO hack, authorities say his motives may have been simpler: greed.

The indictment said Mesri threatened to embarrass HBO by publicly releasing unaired episodes of some of their shows, such as “Ballers” and “The Deuce,” as well as full scripts for the seventh season of “Game of Thrones,” unless HBO paid “a ‘non-negotiable’ ransom of approximately $5.5 million worth of Bitcoin.”

When that demand wasn’t met, he raised his asking price to $6 million and threatened to destroy massive volumes of data on HBO’s hard drives, the indictment said.

The HBO hack roiled the entertainment industry in August, raising new concerns that studios’ hit shows could lose financial value when episodes leak out early.

But the case has also revealed disagreements inside the Justice Department, where senior officials have been pushing in recent weeks to make public a number of ongoing investigations involving Iranian suspects.

As The Washington Post reported Sunday, the HBO case is one of several that senior officials would like to unseal in coming weeks. The push to announce Iran-related cases has caused internal alarm, according to people familiar with the discussions, with some law enforcement officials fearing that senior Justice Department officials want to reveal the cases because the Trump administration wants Congress to impose new sanctions on Iran.

A series of criminal cases could increase pressure on lawmakers to act, these people said.

Asked about that report, Kim did not give a direct answer, saying he decided to unseal the charges in the HBO hacking case before the story published. He did acknowledge the short amount of time it took to unseal the charges was unusual for such a case but said that was because of the FBI’s exemplary investigative work.

Kim spent much of the news conference saying the indictment posed dire potential consequences for the suspect, Mesri, but he also admitted that they have little chance of arresting him anytime soon.

“We made that determination that we were not likely to be able to get him and we should go public with it,” Kim said.

Some federal officials have raised concerns that unsealing cases now could imperil ongoing investigative work or make it harder to catch suspects who might travel out of Iran, according to people familiar with the matter who spoke on the condition of anonymity to discuss active investigations.

Several people familiar with the HBO hack case pointed out that the Justice Department will often wait a year – sometimes several years – before unsealing charges in an international computer hacking probe, while this case was unsealed after three months.

[“Source-gadgets.ndtv”]