Iran pays millions in ransom to halt massive cyberattack on banks, sources say
An command prompt screen shows the codes. The Anonymous hacktivist group claimed an cyberattack to the National Bank of Iran as part of their acts against the Iranian government on Sep 26, 2022. (via X)
Iran paid millions of dollars in ransom in August to stop a massive cyberattack that targeted its banking system, according to sources familiar with the matter.
The attack, allegedly carried out by the hacker group IRLeaks, is believed to be the most severe breach Iran has faced in recent years, affecting nearly 20 domestic banks.
Hackers demand ransom to prevent data release
The hackers initially demanded $10 million in cryptocurrency to prevent the release of sensitive personal and credit card data from millions of Iranian bank customers. However, they later agreed to settle for a smaller sum of $3 million, according to industry analysts and Western officials briefed on the situation.
The data breach threatened to destabilize Iran’s already fragile financial system, which is under pressure due to international sanctions.
Cyberattacks can cause serious damage to countries. For example, cyberattacks cost German companies approximately 267 billion euros ($296 billion) over the past 12 months, according to a recent survey by Bitkom, the Federal Association for Information Technology, Telecommunications and New Media.
IRLeaks behind attack
IRLeaks, a group with a history of hacking Iranian companies, is believed to be behind the breach.
The group reportedly accessed the banks’ data through Tosan, a company that provides digital services to Iran’s financial sector. Tosan’s infrastructure was used as a Trojan horse, allowing the hackers to siphon data from private banks as well as the central bank. Among the affected institutions were the Bank of Industry and Mines, Mehr Interest-Free Bank, Post Bank of Iran, and others.
Iranian regime avoids public acknowledgment
Iranian authorities did not publicly acknowledge the cyberattack, which occurred in mid-August and forced banks to shut down ATMs across the country.
Opposition news outlet Iran International reported the attack at the time, but details about the hackers and the ransom demands remained undisclosed. Iran’s Supreme Leader Ali Khamenei indirectly addressed the attack, blaming foreign actors for creating “psychological warfare” without mentioning the banking system breach.
Iran’s fragile financial sector
Iran’s banking system has long been considered its Achilles heel. Already burdened by loans to the government and undercapitalized by international standards, Iranian banks are vulnerable to financial instability. With inflation nearing 40%, many Iranians depend on digital banking for daily transactions, making the system’s fragility even more concerning.
In a recent appearance on state television, Pezeshkian discussed the economic difficulties facing Iran, including high inflation, and assured the public that his administration is taking steps to resolve these issues.
“The people feel the current situation and high inflation. We have started working to solve the inflation problem,” Pezeshkian remarked, signaling his government’s commitment to stabilizing the economy.
We are actively engaging with around 40 countries and are in the process of negotiating agreements. We must bridge gaps in foreign policy to enhance our economic stability.
We must give investors confidence that we will create the conditions for their success and remove legal obstacles. If investors trust us, they will bring their money back to the country.
Iran’s President Masoud Pezeshkian
Pezeshkian emphasized the need to resolve internal differences and mend relations with neighboring countries and the international community, as these factors are closely tied to Iran’s economic success.
“We must resolve internal and external differences, as the economy is closely tied to diplomatic relations,” he stated, highlighting the link between Iran’s economic and diplomatic strategies.
