The Obama administration is preparing to publicly blame Iranian hackers for the 2013 cyberattack on a New York dam, according to CNN.
The Justice Department is preparing an indictment against the alleged hackers, U.S. officials familiar with the investigation told the news outlet.
The incident in question, revealed to the public in December, occurred amid a wave of Iranian hacks on U.S. banks and just three years after a computer worm believed to be built by the U.S. and Israel damaged nuclear infrastructure in Iran.
{mosads}Investigators said the hackers didn’t take control of the dam’s system but were probing its defenses. The White House was alerted when officials initially believed the intrusion occurred at a much larger facility in Oregon.
The breach was still classified as of December, but it fits a pattern openly described by U.S. officials who warn that hackers from Russia, Iran and China are testing U.S. critical infrastructure networks for vulnerabilities.
The Department of Justice declined to comment on the reported indictments.
“We have no comment on the media claims regarding the 2013 incident at the Bowman Avenue Dam,” the department said in a statement. “We take malicious activity in cyberspace seriously, and we will continue to use all the tools at our disposal to prevent, deter, detect, counter, and mitigate such activity.”
The public attribution is part of an Obama administration strategy in recent years to identify the countries and, if possible, the individuals behind cyberattacks as a means of deterrence.
“The administration has converted to the idea that there has to be consequences for bad behavior and that they have to signal places like Iran about behaving in cyberspace,” said James Lewis, an international cybersecurity expert at the Center for Strategic and International Studies.
In 2014, the Justice Department indicted five Chinese military officials alleged to have hacked various U.S. industrial firms. In 2015, it publicly attributed the massive breach of Sony Pictures Entertainment to North Korea.
The reported indictments also come as officials continue to warn that U.S. critical infrastructure is vulnerable to nation-state hackers.
National Security Agency Director Michael Rogers told lawmakers last fall that China and “one or two” other countries would be able to shut down portions of critical U.S. infrastructure with a cyberattack. Researchers suspect Iran to be on that list.
In fiscal 2015, the Department of Homeland Security responded to 295 hacking incidents related to industrial controls, up from 245 the previous year.
–Cory Bennett contributed.
–This post was updated at 2:53 p.m.