Saturday, February 3, 2024

SIX Iranian Imposed US Sanctions for Cyber Attack on Water Facility and noJustice Malware

 


The U.S. Treasury Department's Office of Foreign Assets Control (OFAC) has imposed sanctions on six officials linked to the Iranian intelligence agency, targeting them for their involvement in cyber attacks on critical infrastructure in the U.S. and other nations. The sanctioned individuals, associated with the Iranian Islamic Revolutionary Guard Corps Cyber-Electronic Command (IRGC-CEC), include Hamid Reza Lashgarian, Mahdi Lashgarian, Hamid Homayunfal, Milad Mansuri, Mohammad Bagher Shirinkar, and Reza Mohammad Amin Saberian.


Reza Lashgarian, identified as the head of IRGC-CEC and a commander in the IRGC-Qods Force, faces allegations of participation in various IRGC cyber and intelligence operations. The Treasury Department asserts that these individuals conducted cyber operations involving the hacking and display of images on programmable logic controllers manufactured by Unitronics, an Israeli company.


The Iranian threat actors targeted the Municipal Water Authority of Aliquippa in Pennsylvania by exploiting Unitronics PLCs, as revealed by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) in late November 2023. The attack, attributed to the Iranian hacktivist persona "Cyber Av3ngers," emerged after the Israel-Hamas conflict, during which the group conducted destructive attacks in Israel and the U.S. Since 2020, Cyber Av3ngers has been linked to various cyber attacks, including one on Boston Children's Hospital in 2021.


The Treasury Department underscores the sensitivity of industrial control devices, such as programmable logic controllers, used in critical infrastructure systems. While this specific operation did not disrupt critical services, unauthorized access to such systems has the potential to harm the public and lead to devastating humanitarian consequences.


In a related development, a pro-Iranian "psychological operation group" named Homeland Justice has claimed responsibility for an attack on Albania's Institute of Statistics (INSTAT), alleging the theft of terabytes of data. Homeland Justice, known for targeting Albania since mid-July 2022, was recently observed deploying a wiper malware named No-Justice.

0 comments:

Post a Comment