US Sanctions 6 Iranian Officials for Cyberattacks on Critical Infrastructure

Critical Infrastructure Cyber Attacks

The U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) announced sanctions against six officials linked to Iranian intelligence for targeting critical infrastructure entities in the U.S. and other countries.

The civil servants include Hamid Reza Lashgarian, Mahdi Lashgarian, Hamid Homayunfal, Milad Mansuri, Mohammad Bagher Shirinkar and Reza Mohammad Amin Saberian, who are part of the Cyber-Electronic Command (IRGC-CEC) of Iran’s Islamic Revolutionary Guard Corps.

Reza Lashgarian is also the head of the IRGC-CEC and commander of the IRGC-Qods Force. He is said to have been involved in several IRGC cyber and intelligence operations.

The Ministry of Finance said it holds these individuals responsible for conducting “cyber operations in which they hacked and planted images on the screens of programmable logic controllers manufactured by Unitronics, an Israeli company.”

In late November 2023, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) revealed that the Municipal Water Authority of Aliquippa in western Pennsylvania was targeted by Iranian threat actors by operating Unitronics PLCs.

The attack was attributed to an Iranian hacktivist personality called Cyber ​​​​Av3ngers, who came to prominence in the aftermath of the Israel-Hamas conflict, carrying out destructive attacks on entities in Israel and the US.

The group, which has been active since 2020, is also believed to be behind several other cyberattacks, including one targeting Boston Children’s Hospital in 2021 and others in Europe and Israel.

“Industrial control equipment, such as programmable logic controllers, used in water and other critical infrastructure systems, are sensitive targets,” the Treasury Department noted.

“While this particular operation did not disrupt any critical services, unauthorized access to critical infrastructure systems could enable actions that harm populations and have devastating humanitarian consequences.”

The development comes as a new pro-Iranian ‘psychological operations group’ known as Homeland Justice said It attacked Albania Institute of Statistics (Inst) and claimed to have stolen terabytes of data.

Homeland Justice has a track record of attacking Albania since mid-July 2022, with the threat actor last seen delivering a wiper malware codenamed No-Justice.

#Sanctions #Iranian #Officials #Cyberattacks #Critical #Infrastructure

Notify of
Inline Feedbacks
View all comments
Previous Post
Mispadu Banking Trojan

New Mispadu Banking Trojan Exploits Windows SmartScreen Flaw

Next Post
Mastodon Vulnerability

The Mastodon vulnerability allows hackers to hijack any decentralized account

Related Posts