The US Treasury charged the Iranian spy agency and Esmaeil Khatib for supervising networks of hackers
Iran’s Ministry of Intelligence and Security and its leader were sanctioned by the US Treasury Department on Friday for allegedly conducting various hacking campaigns against the US government and its allies, including a July cyberattack that disrupted Albanian government services. The Treasury Department accused the Iranian spy agency and Esmaeil Khatib of supervising “several networks” of hackers engaged in cyber espionage and ransomware attacks in “support of Iran’s political goals.”
It’s the latest attempt by US officials to mitigate the impact of Iranian hacking, which Tehran sees as an asymmetric tool for projecting power and pursuing political goals, according to analysts. Treasury accused Iran’s Ministry of Intelligence and Security of being behind the July hack of the Albanian government, an incident that shook that NATO country and was condemned by the White House. Albania announced the termination of diplomatic relations with Iran in response to what appears to be the first case of hacking resulting in a break in ties between countries.
Separately, Treasury Under Secretary for Terrorism and Financial Intelligence Brian Nelson described Iran’s hacking as “increasingly aggressive,” while Secretary of State Antony Blinken warned that Tehran’s cyber activities “can cause grave damage” to “civilian government services and critical infrastructure sectors.” In June, FBI Director Christopher Wray accused Iranian government-backed hackers of attempting to hack Boston Children’s Hospital a year before, a charge Tehran denied.
On Friday, Iran’s Permanent Mission to the United Nations did not respond immediately to a request for comment. The sanctions come just days after US cybersecurity firm Mandiant disclosed details of alleged hacking campaigns linked to another Iranian government entity, the Islamic Revolutionary Guard Corps, that targeted US government officials focused on Iran policy and Iranian dissidents. The hackers appear to have aided the IRGC’s spying and repression efforts by targeting Iranian activists’ mobile phones and email accounts, as well as US officials’ email accounts, according to Mandiant.
An IRGC member was indicted by US prosecutors for his alleged role in a plot to assassinate former US national security adviser John Bolton. In exchange for sanctions relief, the Biden administration has attempted to resurrect a 2015 agreement with Iran to limit Tehran’s nuclear program. But, according to Blinken, Iran’s latest response to US efforts to broker a deal “takes us backwards.”