It has been announced that six Iranian officials have been sanctioned by the U.S. Department of Treasury's Office of Foreign Assets Control (OFAC), the Iranian government organization responsible for the series of malicious cyber activities directed against critical infrastructure in the U.S. and other countries. This organization is a part of the Iranian Islamic Revolutionary Guard Corps Cyber-Electronic Command (IRGC-CEC).
IRGC-affiliated cyber actors have been involved in recent cyber operations where they hacked and posted images on the screens of programmable logic controllers (PLCs) manufactured by Unitronics, an Israeli company. U.S. authorities are acting against these individuals in response to these recent cyber operations.
The control devices in water and other critical infrastructure systems, such as PLCs, are sensitive targets. However, even though no critical services have been disrupted during this operation, unauthorized access to critical infrastructure systems can enable actions that are harmful to the public and can have devastating humanitarian effects.
According to an official statement released by the US Department of Treasury, officials with the Iranian Islamic Revolutionary Guard Corps (IRGC) responsible for cyber attacks against critical infrastructure have been sanctioned. As a result of recent actions taken by actors affiliated with the IRGC involving the hacking of technology manufactured by the Israeli company Unitronics in water and wastewater facilities, this action has been taken to address the issue.
In a cyber attack against the municipal water system of Aliquippa, Pennsylvania, as well as other water systems throughout the country, a group called CyberAv3ngers, affiliated with the IRGC, has claimed responsibility for the attack. Several critical services were not disrupted, and the U.S. coordinated with the private sector and other affected countries to resolve the incidents.
It is important to keep in mind, however, that Treasury offices warn that cyberattacks “can be destabilizing and potentially escalatory” if they are accessed by unauthorized individuals and that such access can lead to actions that may damage the public and cause devastating humanitarian consequences.
Iranian Revolutionary Guard Corps (IRGC) officials responsible for cyber attacks against critical infrastructure have been sanctioned by the U.S. Department of the Treasury for their role in the attacks.
A spokesperson for the Treasury Department for Terrorism and Financial Intelligence, Brian E. Nelson, in his statement, described the intentional targeting of critical infrastructure as an unacceptable, dangerous, and unconscionable act.
In addition to this, the United States stated that the perpetrators would not be tolerated and that they would be held accountable using all the tools and authority at our disposal. The six sanctioned individuals were all designated as leaders of the Revolutionary Guard Corps Cyber-Electronic Command, IRGC-CEC, and as officials of the command. American companies and individuals are prohibited from trading with the six individuals and companies sanctioned.
Currently, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) is providing resources such as the recently released Incident Response Guide for the water and wastewater sector to support entities they call “target-rich, cyber-poor,” such as water and wastewater utilities. This is an effort to provide resources to the target-rich, cyber-poor entities.
In this regard, CISA considers that a few nations pose a threat because of their sophisticated malicious cyber activity intended to sustain prolonged system intrusions, including China, Russia, North Korea, and Iran.
A cyber attack on critical targets such as the water, transportation and energy sectors was accused by U.S. authorities just last week, which was linked to hacker networks linked to the Chinese Government.
It is reported that OFAC has added 6 individuals to its Specially Designated Nationals list. They are Hamid Homayunfal, Hamid Reza Lashgarian, Reza Mohammad Amin, Mahdi Lashgarian, Milad Mansuri, Reza Mohammad Amin Siberian and Mohammad Bagher Shirinkar.
According to the statement, Hamid Reza Lashgarian is the director of the IRGC's Cyber and Intelligence Center, a commander in the IRGC's Quds Force, and he has been involved in several IRGC operations related to cyber and intelligence.
In addition to Hamid Reza Lashgarian, the deputy commander of the IRGC-CEC, he is also supported by senior officials Hamid Reza Lashgarian, Mahdi Lashgarian, Hamid Homayunfal, Milad Mansuri, Mohammad Bagher Shirinkar, and Reza Mohammad Amin Saberian.
It is now illegal for these designated individuals to own assets in the US and you must stop all transactions that involve property in this country involving any assets owned by these individuals.
Financial institutions and individuals responsible for transacting with sanctioned entities and individuals may face criminal prosecution if they are found to have engaged in such transactions or activities.
However, the statement also stated: "The United States remains deeply concerned about the targeting of these systems, and it warns that cyber operations that intentionally damage or otherwise impair the operation and use of critical infrastructure in order to deliver services to the public are destabilizing and could escalate. "Insider reports show that Iranian cyber actors have not been targeting US infrastructure for the first time.