February 7, 2024

US designates six IRGC-CEC officials linked to cyberattacks against critical infrastructure

On February 2, 2024, the US Department of the Treasury’s Office of Foreign Assets Control designated six officials associated with an Iranian government organization responsible for a series of malicious cyber activities that targeted critical infrastructure in the United States, the European Union and Israel.  According to OFAC, the sanctions were in response to recent cyberattacks involving images that were allegedly posted on the screens of certain programmable logic controllers manufactured by Unitronics, an Israeli company – controllers that are commonly used in water and other critical infrastructure systems.  According to OFAC, the designated officials work for the Iranian Islamic Revolutionary Guard Corps Cyber-Electronic Command (“IRGC-CEC”), also known as the IRGC Electronic Warfare and Cyber Defense Organization, an organization that has been designated in the US since 2018 under EO 13606, which targets grave human rights abuses by the governments of Iran and Syria.  Among the designees is Hamid Reza Lashgarinan, the head of the IRGC-CEC, who is also a commander in the IRGC-Qods Force who has allegedly been involved in various cyber and intelligence operations for the IRGC.  The other designees were identified as senior officials in the IRGC-CEC.

The six officials were designated pursuant to the counterterrorism authority EO 13224, as amended.  As a result of these designations, all property and interests in property of the designees within the United States or within the possession or control of a US person are blocked, and US persons are generally prohibited from engaging in transactions involving the designated persons.  Entities owned 50 percent or more by one or more blocked persons are also blocked.