Six Iranian government officials are facing sanctions after being linked to "malicious" cyber attacks targeting critical infrastructure organisations in the UK and abroad.
The US Treasury Department’s Office of Foreign Assets Control (OFAC) imposed sanctions on the officials who are part of the Iranian Islamic Revolutionary Guard Corps Cyber-Electronic Command (IRGC-CEC). They have been accused of hacking and posting images on the screens of programmable logic controllers manufactured by Unitronics, an Israeli company.
Under Secretary of the Treasury for Terrorism and Financial Intelligence Brian E. Nelson said: "The deliberate targeting of critical infrastructure by Iranian cyber actors is an unconscionable and dangerous act. The United States will not tolerate such actions and will use the full range of our tools and authorities to hold the perpetrators to account."
READ MORE: David Cameron issues warning to Iran as Houthi Red Sea crisis deepens
The cyber attacks did not disrupt any critical services, said the US Department of the Treasury in a press release, but it added that unauthorised access "can enable actions that harm the public and cause devastating humanitarian consequences." The Treasury said the US responded quickly and "remediated the incident with minimal impacts."
Gangsters ‘call for ceasefire’ after deadly Christmas Eve pub shootingThe six individuals added to OFAC's Specially Designated Nationals list are Hamid Homayunfal, Hamid Reza Lashgarian, Reza Mohammad Amin, Mahdi Lashgarian, Milad Mansuri, Reza Mohammad Amin Saberian and Mohammad Bagher Shirinkar. Hamid Reza Lashgarian is the head of the IRGC-CEC, a commander in the IRGC-Qods Force, and has been involved in various IRGC cyber and intelligence operations, according to the statement.
The statement added: "The United States nevertheless is deeply concerned about the targeting of these systems and cautions that cyber operations that intentionally damage or otherwise impair the use and operation of critical infrastructure to provide services to the public are destabilising and potentially escalatory." It is not the first time that Iranian cyber actors target US infrastructure.
Back in 2021, there were ransomware attacks and an attempted operation against Boston Children's Hospital. Similar incidents have also been recorded in other European countries and Israel, according to the US Treasury.
It added that sanctions were imposed "pursuant to the counterterrorism authority Executive Order (E.O.) 13224" in a bid to prevent further incidents. It means that all property and interests of the officials involved in the cyber attacks are blocked and must be reported to OFAC.
Persons or financial institutions who engage "in certain transactions or activities" with the sanctioned officials could also expose themselves to sanctions or face "an enforcement action", said the US Treasury. It added: "The prohibitions include the making of any contribution or provision of funds, goods, or services by, to, or for the benefit of any designated person, or the receipt of any contribution or provision of funds, goods, or services from any such person."