The US Treasury’s Office of Foreign Assets Control (OFAC) has imposed sanctions on four Iranian nationals for their involvement in cyber operations targeting US entities on behalf of the Iranian Islamic Revolutionary Guard Corps Cyber Electronic Command (IRGC-CEC).
Description
The designated individuals [2] [5], Alireza Shafie Nasab [2] [5], Reza Kazemifar Rahman [2] [5], Komeil Baradaran Salmani [5], and Hosein Mohammad Haruni [5], have been charged with conspiracy to commit computer fraud and wire fraud for their roles in cyber campaigns targeting US businesses and government entities, including contractors for the Department of Defense [4], and the departments of the Treasury and State [4]. These individuals are associated with IRGC front companies Mehrsam Andisheh Saz Nik (MASN) and Dadeh Afzar Arman (DAA) [6], which acted as fronts for the IRGC-CEC. The group utilized techniques like spear phishing, ransomware attacks [1] [3] [5], and malware to target US entities, including contractors for the Department of Defense [4], and the departments of the Treasury and State [4]. The individuals have also been linked to cyberattacks on US water plants. The sanctions block property and transactions involving the designated individuals [2], with potential consequences for financial institutions or individuals engaging with them [2]. Today’s action is being taken pursuant to counterterrorism authority Executive Order (E.O.) 13224 [1] [3], as amended [1] [3], and all property and interests in property of the designated persons in the US are blocked [3]. Previous sanctions by Western governments have targeted similar malicious cyber actors, although experts caution that sanctions alone may have limited impacts on these groups [2].
Conclusion
Sanctions imposed by the US Treasury’s OFAC on the four Iranian nationals involved in cyber operations targeting US entities highlight the ongoing threat posed by malicious cyber actors. While these sanctions serve as a deterrent, experts warn that additional measures may be necessary to effectively combat cyber threats in the future.
References
[1] https://www.eurasiareview.com/24042024-us-designates-iranian-cyber-actors-targeting-companies-and-government-agencies/
[2] https://www.infosecurity-magazine.com/news/us-sanctions-iranian-cyber-attacks/
[3] https://home.treasury.gov/news/press-releases/jy2292
[4] https://www.theverge.com/2024/4/24/24139160/doj-iranian-nationals-cyberattack-charge
[5] https://govconexec.com/2024/04/treasury-sanctions-iranian-cyber-actors-targeting-us-entities/
[6] https://cyberscoop.com/iranian-nationals-charged-with-hacking-u-s-companies-treasury-and-state-departments/