Iranian Man Pleads Guilty to Role in 2019 Baltimore Ransomware Attack
In a significant development in the ongoing battle against cybercrime, an Iranian national has pleaded guilty to participating in a high-profile ransomware attack on the city of Baltimore in 2019. Sina Gholinejad, 37, faces a maximum sentence of 30 years in prison for his role in the attack, which is believed to have caused tens of millions of dollars in losses and disrupted services.
The Attack: A Global Impact
The ransomware attack on Baltimore began on May 7, 2019, and was attributed to a self-spreading malware that infected tens of thousands of computers in nearly 100 countries. The attack had far-reaching consequences for the city, including damage to computer networks and disruptions to services such as property tax processing, water bill payments, parking citations, and other revenue-generating functions.
The Conspirators: Uncovering Iranian Links
According to the Department of Justice (DOJ), Gholinejad was one of several individuals involved in a string of ransomware attacks using the Robbinhood ransomware variant. The attackers, which included unnamed co-conspirators, targeted computer networks in cities across the United States, including Gresham, Oregon; Yonkers, New York; and Greenville, North Carolina.
The Iranian Connection: A Growing Concern
The DOJ statement notes that while no direct state-backed connection has been alleged in this case, U.S. authorities have warned of Iranian government hacking groups targeting critical infrastructure and private-sector entities. In recent years, Iranian-linked hackers have also targeted U.S. critical infrastructure under the guise of independent personas.
The Arrest: A Break in the Case
Gholinejad was arrested on January 10, 2025, at the Raleigh-Durham International Airport, according to federal court records. The circumstances surrounding his arrest were not immediately clear, and details were not made available by the assistant federal public defender assigned to his case.
The Guilty Plea: A Significant Victory for Law Enforcement
Gholinejad's guilty plea marks a significant victory for law enforcement in their efforts to combat cybercrime. The DOJ statement notes that the attack on Baltimore cost the city more than $19 million and had lasting impacts on its services.
The case highlights the ongoing threat posed by Iranian government hacking groups and the importance of international cooperation in combating cybercrime. As law enforcement agencies continue to uncover and prosecute individuals involved in these types of attacks, it is clear that cybersecurity will remain a growing concern for governments and private-sector entities around the world.
* Department of Justice statement * Federal court records * April 2024 indictment unsealed on Tuesday
Note: The article has been rewritten to make it more engaging and readable, with added headings and paragraphs to improve clarity.