On September 14, 2022, the OFAC sanctioned ten individuals and two entities for their roles in conducting malicious cyber acts, including ransomware activity. This action is part of OFAC’s series of designations that aim to protect U.S. persons from ransomware activity, facilitators of ransomware activity, and other cybercrime.
OFAC, together with other government agencies, took action against a group of Iran-based malicious cyber actors who have been compromising networks based in the United States and other nations since at least 2020. The designated individuals and entities are all affiliated with Iran’s Islamic Revolutionary Guard Corps (IRGC). IRGC is known to exploit software vulnerabilities in order to carry out their ransomware activities, as well as engage in unauthorized computer access, data exfiltration, and other malicious cyber activities. According to the Treasury’s press release, the group victimized several entities throughout 2021 in several separate cyber attacks, including a New Jersey municipality, a U.S.-based children’s hospital, transportation providers, emergency service providers, schools, and an electric utility company.
As a result of the OFAC’s sanctions, U.S. persons and entities are prohibited from transacting with the people and entities added to the sanctions list.
Read the Treasury’s full press release here.