The US has imposed sanctions on 10 people and two organizations that it claims are connected to the Iranian IRGC and engaged in “malicious” cyber activities, such as ransomware activity.
The US Department of the Treasury charged a “group of Iranian IRGC affiliated hostile cyber actors” on Wednesday with hacking into networks in the US and other countries since at least 2020.
The organization, according to the agency, “is known to use software vulnerabilities to carry out their ransomware activities, as well as engage in unauthorized computer access, data exfiltration, and other harmful cyber activities.”
As the two nations battle to find a way back into the 2015 nuclear agreement, the restrictions follow punitive measures taken last week against Iran’s Ministry of Intelligence and Security for what the US called “malign cyber activity.”
Last Friday’s penalties were a reaction to a July hack that affected official websites in Albania and was attributed to Tehran by Washington and Tirana. The Iranian government has denied any involvement.
Wednesday’s sanctions prevent the targeted companies and people from accessing their assets in the US and forbid US citizens from doing business with them.
A division of the Iranian military, the IRGC ultimately answers to Ali Khamenei, the Supreme Leader. It oversees the Iranian government’s clandestine overseas activities and military assistance to allies in the region.
According to Treasury official Brian E. Nelson, “Ransomware actors and other cybercriminals have targeted businesses and critical infrastructure across the board, regardless of their national origin or base of operations—directly threatening the physical security and economy of the United States and other nations.”
The Treasury Department also said that reported ransomware payments in the US increased to approximately $590 million in 2021 from a total of $416 million in 2020.