Summary:
The US issues new sanctions against Iran after “destabilizing and potentially escalatory” cyber attacks against US critical infrastructure. The remarks were made in a statement that announced sanctions against six Iranians for last year’s cyber-attack against Unitronics, an Israeli manufacturer of programmable logic controllers used in the water sector and other critical infrastructure organizations. Several organizations in the water sector were impacted by a group of hacktivists called the CyberAv3ngers.

The Department of the Treasury’s Office of Foreign Assets Control (OFAC) said the six individuals are senior officials of the Iranian Islamic Revolutionary Guard Corps Cyber-Electronic Command (IRGC-CEC), an agency of the Iranian government. The US identified the IRGC as being responsible for the incident in December 2023, in which a defacement image was posted stating, ‘You have been hacked, down with Israel. Every equipment ‘made in Israel’ is CyberAv3ngers legal target.’

Security Officer Comments:
The attacks were quickly remediated and thankfully did not disrupt critical systems. While not directly impactful, the OFAC says they had the potential for “devastating humanitarian consequences.” US officials say the deliberate targeting of critical infrastructure by Iranian actors is an “unconscionable and dangerous act.” Officials further note that the US will not tolerate such actions and will use their full range of tools and authorities to hold adversaries accountable for their actions. While the water sector felt the brunt of this latest cyber escalation, Iranian actors have previously targeted critical infrastructure on numerous occasions, notably attempting to attack Boston’s Children's Hospital in 2021.

Foreign adversaries and hacktivists groups, a line which is sometimes blurred, are looking to target organizations that would have immediate impacts to adversarial nations. The goal of these attacks is to shame adversarial nations, disrupt critical infrastructure, create chaos, and promote their own geopolitical interests and ideologies.

Suggested Corrections:
“Head of the IRGC-CEC, Hamid Reza Lashgarian, was among those sanctioned, alongside senior officials Hamid Reza Lashgarian, Mahdi Lashgarian, Hamid Homayunfal, Milad Mansuri, Mohammad Bagher Shirinkar, and Reza Mohammad Amin Saberian. Any assets owned by these designated individuals in US are now blocked and all transactions involving property in the country are prohibited. Financial institutions or individuals found to engage in transactions or activities with the sanctioned entities and individuals could face criminal prosecution” (Info Security Magazine, 2024).

Link(s):
https://www.infosecurity-magazine.com/news/us-iran-sanctions-cyber-attacks/