14 September 2022

The U.S. sanctioned twelve IRGC-affiliated individuals and entities “for their roles in conducting malicious cyber acts, including ransomware activity”. The Treasury Department described them as “a group of Iran-based malicious cyber actors who have been compromising networks based in the U.S. and other nations since at least 2020”, adding: “This group has launched extensive campaigns against organisations and officials across the globe, particularly targeting U.S. and Middle Eastern defence, diplomatic and government personnel, as well as private industries including media, energy, business services and telecommunications”. The State Department announced a reward offer for information on three of the sanctioned individuals, whom the Justice Department the same day indicted. Iran’s diplomatic spokesperson contended that the U.S., who had “previously remained silent against numerous cyber attacks against the Islamic Republic of Iran’s infrastructure, even against peaceful nuclear facilities, and has even directly or indirectly supported these attacks, lacks the credibility to accuse others of such acts”.

Subscribe to Crisis Group’s Email Updates

Receive the best source of conflict analysis right in your inbox.