CBS Evening News

New fears over protecting U.S. infrastructure from terrorists

By Kris Van Cleave

/ CBS News

How secure are U.S. infrastructure facilities?

NEW YORK -- The federal government today charged seven Iranians with using a cyberattack to try to take over a New York dam. The Iranian hackers also allegedly targeted 46 of the nation's largest financial institutions, causing disruption to online services and making hundreds of thousands of Americans unable to access bank accounts online.

Attorney General Loretta Lynch, and FBI Director James Comey stand by a wanted poster of Iranians who are wanted by the FBI for computer hacking during a news conference at the Justice Department in Washington, Thursday, March 24, 2016. Seven hackers tied to the Iranian government were charged Thursday in a series of punishing cyberattacks on a small dam outside New York City and on dozens of banks AP Photo/Jacquelyn Martin

Federal investigators say that over the course of several weeks in 2013, one of the Iranian hackers repeatedly gained access to computers controlling key systems of the dam, located 29 miles from Manhattan.

The dam was out of service at the time, but had it been operational, the hacker could have controlled the dame's water level, as well as the flow rate.

Can cyber-hackers shut down the power grid?

"These attacks were relentless, systemic, and widespread," said Attorney General Loretta Lynch, noting that the outcome "could have posed a clear danger to the public health and safety of Americans."

The seven men are now wanted by the FBI and their indictment comes as we're learning terror groups like ISIS are interested in hitting infrastructure targets, including nuclear power plants.

After 9/11 security at U.S. nuclear plants was increased to defend against both cyber and traditional terror attacks. But there are more than 7,300 power plants in the U.S.

Perry Pederson led a project that took over and destroyed a diesel generator at a power plant.

"It's not just getting in and getting out quickly. Malicious control is about getting in to a system and persisting," Pederson said.

"I would be very concerned about a blended attack -- one that uses cyber to perhaps soften the target, shutdown control systems or security systems, create openings that provide opportunity for physical attackers to then come on site."

While extradition from Iran seems unlikely, the director of the FBI warned: The world is small, and our memories are long.

First published on March 24, 2016 / 7:46 PM EDT

© 2016 CBS Interactive Inc. All Rights Reserved.

f

We and our partners use cookies to understand how you use our site, improve your experience and serve you personalized content and advertising. Read about how we use cookies in our cookie policy and how you can control them by clicking Manage Settings. By continuing to use this site, you accept these cookies.