By Canadian Press

FBI charges two men in 2016 ransomware attack that hit University of Calgary

Nov 28, 2018 | 4:05 PM

CALGARY — The FBI says it has charged two men in Iran as part of an investigation into cyberattacks that targeted the University of Calgary and computer networks in the United States.

The university paid a ransom of $20,000 after the 2016 attack to preserve an option to restore critical research data.

The FBI says “SamSam” ransomware infiltrated computer networks in Atlanta, San Diego and Newark, N.J., as well as major health-care providers, the University of Calgary and others.

Investigators allege the malware encrypted data and files, and the suspects demanded payment to restore access to affected systems in what the FBI calls “21st-century blackmail.”

The U.S. Justice Department estimates the cyberattacks caused more than $30 million in damage to public and private institutions and that $6 million in ransom payments were extorted.

Meaningful Mementos

Remembering Someone You've Lost at Christmas

Dec 03, 2024

Seasonal Sorrow

How Do You Get Through The Holidays When You're Grieving?

Nov 01, 2024

Upcoming Events at Oliver's

Grief & Loss and Estate Planning Seminars

Oct 02, 2024

Linda Dalgetty, vice-president of the University of Calgary, says the administration is grateful that charges have been laid.

“The University of Calgary would like to thank the Federal Bureau of Investigation, the Calgary Police Service, and all co-operating law enforcement agencies for their diligence and perseverance in investigating this matter,” she said Wednesday in a release. 

“We are thankful that law enforcement agencies take such criminal acts very seriously and were able to locate the perpetrators and issue arrest warrants.”

Faramarz Savandi and Mohammad Mansouri are each charged with conspiracy to commit wire fraud, conspiracy to commit fraud, intentional damage to a protected computer and transmitting a demand in relation to damaging a protected computer.

“The actions highlighted today, which represent a continuing trend of cyber criminal activity emanating from Iran, were particularly threatening, as they targeted public safety institutions, including U.S. hospital systems and governmental entities,” Amy Hess, an FBI spokeswoman, said.

The agency acknowledged that both suspects are in Iran and are out of the reach of U.S. law enforcement.

It said they can be apprehended if they travel and the United States is exploring other ways of bringing them to justice.

The Canadian Press

Note to readers: This is a corrected story. Previous version cited FBI website that said $30 billion in damage. U.S. Justice Department says the figure is more than $30 million