Iran’s minister of intelligence, together with its Ministry of Intelligence and Security (MOIS), were sanctioned Friday by the Treasury Department’s Office of Foreign Assets Control (OFAC) for malicious cyber activities that threaten the national security of the United States and its allies.
Esmail Khatib, head of the MOIS, directs networks that use cyber espionage and ransomware attacks against other governments to further Iran’s political goals, OFAC said. The regulator specifically cited the July disruption of the Albanian government’s computer systems the United States believes to have been sponsored by the Iran government and the MOIS.
Iran and its proxies, OFAC said, have engaged in “malicious cyber operations” that have targeted other governments and private organizations worldwide since at least 2007.
“Iran’s cyberattack against Albania disregards norms of responsible peacetime state behavior in cyberspace, which includes a norm on refraining from damaging critical infrastructure that provides services to the public,” said Brian Nelson, the Treasury’s under secretary for terrorism and financial intelligence, in a press release. “We will not tolerate Iran’s increasingly aggressive cyber activities targeting the United States or our allies and partners.”
An April 2015 executive order signed by President Barack Obama states individuals, organizations, and government entities that use the internet as a terrorist tool can be subjected to financial and economic sanctions by OFAC.
An Iranian-sponsored cyber terrorist group, called MuddyWater, has been operating since 2018 and is responsible for ransomware attacks and other operations against private organizations and governments, including the Turkish government, OFAC said. Another group, APT39, has engaged in widespread theft of personal identifying information to potentially aid the government’s surveillance of Iranian citizens, the regulator added.
Iran is already on OFAC’s sanctions list for its support of terrorist groups and for human rights abuses against its own people.
OFAC’s actions Friday mean U.S. persons are generally prohibited from engaging in any transactions with Khatib and the MOIS. All property related to them that are subject to U.S. jurisdiction are blocked by the United States and cannot be transited through the country, except with special permission from OFAC.
Any non-U.S. persons or businesses who engage financially with Khatib or the MOIS might themselves be added to the sanctions list, OFAC said.