On September 14, 2022, the OFAC sanctioned ten individuals and two entities for their roles in conducting malicious cyber acts, including ransomware activity. This action is part of OFAC’s series of designations that aim to protect U.S. persons from ransomware activity, facilitators of ransomware activity, and other cybercrime.

OFAC, together with other government agencies, took action against a group of Iran-based malicious cyber actors who have been compromising networks based in the United States and other nations since at least 2020. The designated individuals and entities are all affiliated with Iran’s Islamic Revolutionary Guard Corps (IRGC). IRGC is known to exploit software vulnerabilities in order to carry out their ransomware activities, as well as engage in unauthorized computer access, data exfiltration, and other malicious cyber activities. According to the Treasury’s press release, the group victimized several entities throughout 2021 in several separate cyber attacks, including a New Jersey municipality, a U.S.-based children’s hospital, transportation providers, emergency service providers, schools, and an electric utility company.

As a result of the OFAC’s sanctions, U.S. persons and entities are prohibited from transacting with the people and entities added to the sanctions list.

Read the Treasury’s full press release here.

Adam Witmer

Adam Witmer is a speaker, author, and founder of the Compliance Cohort. Adam has taught hundreds of seminars and training sessions to thousands of bankers throughout the United States and teaches on all areas of regulatory compliance. Adam has written five e-books that he never published, hit a grizzly bear while driving in a National Park, and is an award winning photographer and musician (though he no longer takes photos nor plays any instruments). In his spare time, Adam can be found kayaking on the lake, doing taekwondo with his kids, working on his (project) house, or spending time with his family.

Website

Become a Free Member