The US government on Friday announced sanctions against six Iranian government officials caught launching cyberattacks against Israeli PLC vendor Unitronics.
The Treasury Department said the six officials are part of the Iranian Islamic Revolutionary Guard Corps Cyber-Electronic Command (IRGC-CEC), a Tehran organization “responsible for a series of malicious cyber activities against critical infrastructure in the United States and other countries.”
“The United States is taking action against these individuals in response to IRGC-affiliated cyber actors’ recent cyber operations in which they hacked and posted images on the screens of programmable logic controllers manufactured by Unitronics, an Israeli company,” the Justice Department said.
The sanctioned Iranian government officials include:
- Hamid Reza Lashgarian, head of the IRGC-CEC and commander in the IRGC-Qods Force. Lashgarian has been involved in various IRGC cyber and intelligence operations.
- Mahdi Lashgarian, Hamid Homayunfal, Milad Mansuri, Mohammad Bagher Shirinkar, and Reza Mohammad Amin Saberian are senior officials of the IRGC-CEC.
The US government said Iranian hacking teams have been linked to the “deliberate targeting of critical infrastructure,” ransomware attacks against a US hospital, and similar malicious cyber activity targeting European countries and Israel.
“Industrial control devices, such as programmable logic controllers, used in water and other critical infrastructure systems, are sensitive targets. Although this particular operation did not disrupt any critical services, unauthorized access to critical infrastructure systems can enable actions that harm the public and cause devastating humanitarian consequences,” the agency added.
“The deliberate targeting of critical infrastructure by Iranian cyber actors is an unconscionable and dangerous act,” said Under Secretary of the Treasury for Terrorism and Financial Intelligence Brian Nelson. “The United States will not tolerate such actions and will use the full range of our tools and authorities to hold the perpetrators to account.”
The sanctions come roughly two months after hackers linked to the Iranian government hijacked ICS at the Municipal Water Authority of Aliquippa in Pennsylvania and water utilities in multiple other states around the US.
Related: ICS at Multiple US Water Facilities Targeted by Hackers Affiliated With Iranian Government
Related: US Sanctions Two ISIS-Affiliated ‘Cybersecurity Experts’
Related: US Sanctions Russian National for Ransomware Money Laundering
Related: US, UK Slap Sanctions on Trickbot Cybercrime Gang
Related: US Sanctions North Korean Cyberespionage Group Kimsuky
