US Treasury Department Sanctions Iranian Officials for Cyber Attacks on Water Facilities
In a significant cybersecurity development, the US Treasury Department has announced sanctions against six Iranian officials, identified as members of the Islamic Revolutionary Guard Corps, for their involvement in a series of cyber attacks targeting water treatment facilities across the United States.
The decision came after investigations revealed that these individuals, belonging to Iran’s Islamic Revolutionary Guard Corps Cyber-Electronic Command, orchestrated a hack last November. Notably, one of the breaches involved hijacking the IT systems of a water provider in Aliquippa, Pennsylvania, leading to a defacement with the message: “You’ve been hacked. Down with Israel. Every equipment ‘Made in Israel’ is Cyber Av3ngers legal target.”
The US authorities have named Hamid Reza Lashgarian as the leader of this cyber warfare unit. The hacking group, known as CyberAv3ngers, reportedly exploited vulnerabilities in logic controllers produced by the Israeli company Unitronics. The US Cybersecurity and Infrastructure Security Agency highlighted that these cyber actors have been actively compromising devices since at least November 22, 2023, affecting multiple states across the US.
While the Treasury Department’s announcement also mentioned that the Iranian hackers targeted water facilities beyond the US borders, it confirmed that these attempts did not disrupt critical water services. In response to these cyber threats, Under Secretary of the Treasury for Terrorism and Financial Intelligence Brian Nelson asserted, “The United States will not tolerate such actions and will use the full range of our tools and authorities to hold the perpetrators to account.”
Due to the absence of an extradition treaty with Iran, the US is resorting to sanctions as a means to penalize the accused. Consequently, all US entities and individuals are prohibited from engaging in transactions with the sanctioned Iranian officials and their associated groups. The specific methodologies employed by the Treasury Department to trace the hacks back to these individuals were not disclosed. However, the investigation involved multiple federal agencies, including the FBI and NSA.