Pierluigi Paganini February 04, 2024

The US government issued sanctions against six Iranian government officials linked to cyberattacks against critical infrastructure organizations. 

The U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) has imposed sanctions on six Iranian government officials associated with cyberattacks targeting critical infrastructure organizations in the US and abroad.

“Today, the Department of the Treasury’s Office of Foreign Assets Control (OFAC) sanctioned six officials in the Iranian Islamic Revolutionary Guard Corps Cyber-Electronic Command (IRGC-CEC), an Iranian government organization responsible for a series of malicious cyber activities against critical infrastructure in the United States and other countries.” reads the announcement published by the US OFAC.

The six members of the Iranian Islamic Revolutionary Guard Corps Cyber-Electronic Command (IRGC-CEC) are Hamid Reza Lashgarian, Mahdi Lashgarian, Hamid Homayunfal, Milad Mansuri, Mohammad Bagher Shirinkar, and Reza Mohammad Amin Saberian.

Reza Lashgarian is also the head of the IRGC-CEC. The Iranian Islamic Revolutionary Guard Corps Cyber-Electronic Command (IRGC-CEC) is an organization within the Iranian government responsible for cybersecurity and cyber warfare. It is considered a major threat by many countries, including the United States, due to its involvement in various malicious cyber activities.

The announcement states that these individuals were involved in cyber operations against critical infrastructure, they hacked and posted images on the screens of programmable logic controllers manufactured by the Israeli firm Unitronics. 

The OFAC states that ICS and SCADA systems used in critical infrastructure environments, are sensitive targets. 

“The deliberate targeting of critical infrastructure by Iranian cyber actors is an unconscionable and dangerous act,” said Under Secretary of the Treasury for Terrorism and Financial Intelligence Brian E. Nelson.  “The United States will not tolerate such actions and will use the full range of our tools and authorities to hold the perpetrators to account.”

While this specific operation did not lead to the disruption of critical services, their effects can jeopardize public welfare and result in severe humanitarian consequences.

Iran-linked threat actors are known for their cyber activities against U.S. critical infrastructure, including ransomware attacks. They also targeted entities in European countries and Israel.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, Iran)