All of those named were current or former employees of Najee Technology and the Afkar System Yazd Company, which the State Department has linked to the Revolutionary Guards.
It is not clear how much ransom money the men extracted, but some demands were paid, officials said. Prosecutors believe that the targets of the cyberattacks, identified only by location and a general description of their operations, were selected for no other reason than their systems were known to have vulnerabilities.
In several cases, the men hacked into computer systems; encrypted data using BitLocker, a commercially available software program used to protect information; then demanded payment in exchange for the data, the court filing said.
Victims included a township in Union County, N.J.; a construction business working on critical infrastructure projects and a public housing authority, both in Washington State; accounting firms in Illinois and New Jersey; a county government in Wyoming; and a domestic violence shelter in Pennsylvania.
Two electric power utilities, in Mississippi and Indiana, were also breached, but the intrusion did not affect their operations or cause any power disruptions, officials said.
In February 2021, the men targeted a township in Union County, gained control of its computer network, stole data and employed a hacking tool to set up remote access using a domain registered to Mr. Ahmadi, court documents showed.
In June 2021, the group gained access to the computer network at a children’s hospital, created unauthorized accounts, stole data and tried to encrypt information. Once alerted to the breach, administrators were able to repel the attack without any effect on patient care or medical services.