Iranian Hackers Hacked New York Dam in 2013

Iranian hackers attached the security of a dam outside of New York in 2013.
The hack of Bowman Avenue Dam near Rye Brook, New York, was not a sophisticated intrusion, but a test by Iranian hackers to see what they could access. The hackers got into the system through a cellular modem. The breach occurred during the same time that Iranian hackers were targeting US financial institutions.

The attackers were unable to get into the full dam system but could take control of the flood gates. Hackers can easily get into pieces of old critical infrastructure running on retro-fitted software that is connected to the Internet. More than 57000 industrial control systems (ICS) — more than any other country — that are largely unprotected on the Internet.

 
According to researchers at Shodan, a search engine that catalogs each machine online, the systems range from office air-conditioning units to major pipelines and electrical-control systems. Most of the critical infrastructure in the U.S. is privately owned, making it difficult for governments to harden the systems against attack.

  

Ashiyane Security Team: agent of the Iranian regime

Ashiyane Security Group (officially Ashiyane Information and Communication Technology Company) is one of the oldest cyber security group in Iran (since around 2002).
Ashiyane started with the aim of teaching users and network administrators as well as improving the security level of the computer networks.
During the mass protest against the presidential election in 2009, Iran tried to control the protests in cyber space and since then Ashiyane Security Team trying to do so via hacking and identifying cyber activists which implied that Ashiyane cooperated with the Iranian Revolutionary Guards Corps (IRGC) and other security units leading many to believe that the “Iranian Cyber Army” group is actually also the Ashiyane group.

Before 2009 protests, Ashiyane was involved in activity for the state e.g. in response to the publication of cartoons depicting the Prophet Muhammad in Danish newspapers, over 1000 American, British and French websites were hacked by Ashiyane. News of Ashiyane activities was highly published by some news agencies such as Fars, IRNA and the newspapers such as Iran, Javan and Keyhan and was named as “Iran’s victories in cyber space”.

After changing the home page of this website, Ashiyane mostly displays a political message on the main page so that Behrouz Kamalian (team founder) said in an interview with Fars News Agency about this activity: “In response to the inhumane actions of the terrorism sponsors, headed by US and Britain, the new way of confronting is raised.”

Kamalian has also been quoted deflecting rumors about Ashiyane cooperating with the Islamic Republic Security System, “Ashiyane has also officially worked to improve the security of web sites and intranets and has served many governmental organizations, military and private companies. Unfortunately it has been announced that Ashiyane Group is affiliated to the government by many of the opposition websites with Iran’s government. I have said in my other interviews that our team is an independent group and is not affiliated with any other military or governmental organizations. We act spontaneously based on our bias and when we see a country insults our religion or our nationality, so we display our objection through penetrating into their sites and it does not mean that we have been ordered to do so. If Ashiyane was an affiliated group, it wouldn’t be able to easily interview with the media, and this freedom is a sign of our independency.”

Kamalian contradicted himself by also saying: “We get orders to hack different sites both from legal persons and individuals, but this is not part of our ordinary project and we reject many of these orders. We have never accepted to hack an internal websites to gain money. But there are websites that had insulted Quran and our religion. In these occasions we would also like to penetrate into these sites.”

Kamalian has also announced about the corporation of Ashiyane with Department of IRGC Cyber Defense: “We corporate with military organizations in the field of counselling and improving the security, but it is never in the way that we get order to work on their behalf.”

He created Alborz Hackers Group which was among the first groups of Iranian hackers in 2001 and met Mahdi Mirzaei there; this meeting caused the creation of a new group called Ashiyane Group in 2002.

This team started its activity by hacking the university’s websites in the country such as University of Science and Industry (Elm & Sanaat) and Amir Kabir University.

Hacking the Iranian sites would quickly lead the Ashiyane Group to get fame among those interested in Informatics Science and many security companies (in network and internet field) invited them to cooperate.

Increasing economic activities of the group tend Kamalian to decide about registration the Ashiyane Group as an official and legal company and after the registration, in addition to providing network and servers’ security, consulting services and selling security softwares, also hold hacking, cracking and network and server and also security training.

The project of hacking a Persian website called “Balatarin” was one of the Ashiyane’s activities that raised the most negative reactions; Ashiyane declared the project with the cooperation of Virtual Jihad Group affiliated with Basij of Students, but after the negative reactions toward it Bahman Kamalian denied any involvement in the hacking.

Members


Except the name and the photo of the director of the group there isn’t complete information neither about identity and reality of Ashiyane Group nor about other certain photo of its members, although research has revealed the names & handles below:
 

  • Behrouz Kamalian (Director, handle: Behrouz_ice)
  • Nima Salehi (member/manager, handle: Q7X)
  • Mahdi Chinichi (member/manager, handle: Virangar)
  • Omid Norouzi (member/manager, handle: Sha2ow)
  • Farshid Sargheini (member/manager, handle: Azazel)
  • Hamid Norouzi (member/manager, handle: eychenz)
  • Iman Honarvar (member, handle: iman_taktaz)
  • Keyvan Sedaghati (member, handle: keivan)
  • Ali Seid Nejad (member, handle: Ali_Eagle)
  • Milad Bokharaei (member, handle: ®Maste)
  • Mohammad Tajik (member, handle: taghva)
  • Meghdad Mohammadi (member, handle: M3QD4D)
  • Erfan Zadpoor (member, handle: PrinceofHacking)
  • Mohammad Reza Dolati (member, handle: HIDDEN-HUNTER)
  • Kaveh Jasri (member, handle: root3r)
  • Navid Naghdi (member, handle: elvator)
  • Mohammad Hadi Nasiri (member, handle: unique2world) 
  • Amin Javid (member, handle: Gladiator)
  • Vahid Maani (member, handle: WAHID 2)
  • Sina Ahmadi Neshat (member, handle: Encoder)
  • Milad Mazaheri (member, handle: mmilad200)
  • Armin (member, handle: n3me3iz)
  • Mohammad Mohammadi (member, handle: Classic)
  • Mahdi K. (member, handle: r3d.z0nE)
  • Mohammad Reza (member, handle: iNJECTOR)
  • Mohammad Reza Ali Babaei (member, handle: mzhacker)
  • Ramin Baz Ghandi (member, handle: fr0nk)
  • Ashkan Hosseini (member, handle: Http://Askn)
  • Ali Hayati (member, handle: Zend)
  • Milad Jafari (member, handle: Milad-Bushehr)
  • Mehrab Akherati (member, handle: AliAkh)
  • Amir Hossein Tahmasebi (member, handle: __amir__)
  • Amin Bandali (member, handle: anti206)
  • Shahin Salak Tootonchi (member, handle: ruiner_blackhat)
  • Poorya Mohammadrezaei (member, handle: Hijacker)

Mission


Apart from the security and anti-security activities of Ashiyane, it has established its hosting company, believing about the provided services: “Communication and Information Company of Ashiyane has decided to enter the hosting field due to analyzing the present situation of web hosting in Iran and realizing the lack of security and knowledgeable people in this field; in order to gratify the shortage, Ashiyane Host Company is ready to present high quality and security services. 

Considering the strength of the Ashiyane’s security team in hacking and security, being aware of up-to-date methods of penetrating, having access to illegal hacker communities,as well as utilizing these methods, Ashiyane applies its knowledge in security and configuration of the servers so that the company is able to close the penetration ways one step ahead of others and bring satisfaction to the customers.

Despite the remarkable statement of Ashiyane about its ability, while earlier it was also claimed that Ashiyane had discovered the security hole in the Telegram software messenger and the news quickly found a wide reflection in the media close to the Islamic Republic, the website of Ashiyane Security Group was hacked on July 1, 2014 and there was a black page appeared written in English: “This site has been hacked by Iranian Black Hat hackers group:” when the site was visited.