Governor Kay Ivey applauds DOJ indictment of two Sudanese nationals in Alabama cyberattack

computer hacking

Governor Kay Ivey on Wednesday applauded the federal indictment of two Sudanese nationals after their involvement in a cyberattack on Alabama, as well as hospitals, government facilities and other critical infrastructure around the world. Earlier this month, the U.S. Department of Justice unsealed that a federal grand jury charged two individuals with operating and controlling Anonymous Sudan, an online cybercriminal group responsible for tens of thousands of distributed denial of service (DDoS) attacks. In March 2024, pursuant to court-authorized seizure warrants, the U.S. Attorney’s Office and FBI seized and disabled Anonymous Sudan’s powerful DDoS tool, which the group allegedly used to perform DDoS attacks, and sold as a service to other criminal actors. Ahmed Salah Yousif Omer, 22, and Alaa Salah Yusuuf Omer, 27, were both charged with one count of conspiracy to damage protected computers. Ahmed Salah was also charged with three counts of damaging protected computers. “Criminal activity of any kind, including that coming from outside of our state, will not be tolerated in Alabama,” said Governor Ivey. “I am thankful for the quick action of our Office of Information Technology, and I applaud the indictment of these individuals responsible for this attempt to disrupt state government and many other operations around the world. Any individual or organization who attempts to harm our state, our citizens or our way of life will be subject to prosecution to the fullest extent of the law.” Alabama state government websites were subject to a DDoS attack in addition to sites around the nation. Immediately upon discovering a cyber event was underway, the state responded quickly and decisively to ensure no access or damage occurred to the state’s network, resources and data, or infrastructure. While this indictment is an allegation of criminal activity and the defendants are presumed innocent until proven guilty, these two individuals will face statutory maximum sentences ranging from five years to life in federal prison, if convicted of all charges. According to a press release by the U.S. Department of Justice, “An indictment is merely an allegation, and the defendants are presumed innocent unless and until proven guilty beyond a reasonable doubt in a court of law. If convicted of all charges, Ahmed Salah would face a statutory maximum sentence of life in federal prison, and Alaa Salah would face a statutory maximum sentence of five years in federal prison. The investigation of Anonymous Sudan was conducted by the FBI’s Anchorage Field Office, the Defense Criminal Investigative Service, and the State Department’s Diplomatic Security Service Computer Investigations and Forensics Division. Assistant United States Attorneys Cameron L. Schroeder and Aaron Frumkin of the Cyber and Intellectual Property Crimes Section are prosecuting this case, with substantial assistance from Trial Attorney Greg Nicosia of the National Security Division’s National Security Cyber Section. Assistant United States Attorneys Schroeder and Frumkin, along with Assistant United States Attorney James Dochterman of the Asset Forfeiture Section, also obtained the seizure warrants for computer servers constituting Anonymous Sudan’s DCAT tool. The DOJ Criminal Division’s Office of International Affairs, the FBI’s International Operations Division and Behavioral Analysis Unit, and the U.S. Attorney’s Office for the District of Alaska aided in this investigation. These law enforcement actions were taken as part of Operation PowerOFF, an ongoing, coordinated effort among international law enforcement agencies aimed at dismantling criminal DDoS-for-hire infrastructure worldwide, and holding accountable the administrators and users of these illegal services.  Akamai SIRT, Amazon Web Services, Cloudflare, Crowdstrike, DigitalOcean, Flashpoint, Google, Microsoft, PayPal, SpyCloud and other private sector entities provided assistance in this matter.” The unsealed indictment can be read on the DOJ’s website. “We will always do what is required to protect everyone who calls Alabama home,” added Governor Ivey.  

Huntsville schools reopen after cyberattack minus computers

computer typing

Students have returned to class in one of Alabama’s largest school systems after a cyberattack shut down the system last week, but students in Huntsville are doing their work on paper rather than computers. Huntsville city schools said in an update that students still didn’t have access to computers as classes resumed Monday, a week after the attack first forced a shutdown. Workers spent the weekend helping teachers make copies and delivering them to schools, officials said in a message posted on the system’s website, and students who aren’t in traditional classes because of the pandemic also are getting paper copies rather than virtual lessons. Teachers and students still aren’t allowed to turn on electronic devices. Bo Coln, the principal of Challenger Middle School, said many parents had picked up lesson packets, and administrators were trying to make sure each child received the materials. “I personally will take it to their house if I have to because they have to be getting the information. So my assistant principal and I will probably deliver a lot of them if they don’t pick them up, but I know we are having a pretty good turn out,” Coln told news outlets. With nearly 23,000 students, more than 2,000 employees, and about 40 schools, Huntsville City Schools closed early on Nov. 30 because of what officials described as a ransomware attack and remained closed the rest of the week. In a typical ransomware attack, hackers gain access to a computer system and threaten to withhold or destroy information unless money is paid. School officials haven’t released details on the type of attack that forced the shutdown, and it’s unclear what information might be compromised. Republished with the permission of the Associated Press.