US Sanctions Iran’s Intelligence Ministry and Minister

The US Treasury Department on Friday, September 9, sanctioned Iran’s Intelligence Ministry in connection with a July cyber attack on Albanian infrastructure.

The department also announced in a statement on its website that Esmail Khatib, Iran’s Intelligence Minister, has been added to the sanctions list.

Previously, the US, Britain, and NATO had attributed hacking attacks on Albania to hackers affiliated with the Islamic Republic and strongly condemned them.

The United States had also emphasized that cyber attacks attributed to Iran would not go unpunished.

The US Treasury further clarified in its statement that the Intelligence Ministry and its minister are involved in cyber attacks against the United States and its allies.

The statement added that since 2007, the Intelligence Ministry and its proxy hackers have conducted extensive destructive cyber attacks against a range of sensitive government and private infrastructure worldwide.

According to the US Treasury Department, hackers affiliated with the Intelligence Ministry disrupted Albania’s government computer systems in July of this year, forcing the government to suspend online service delivery to citizens.

Brian Nelson, US Deputy Secretary of the Treasury for Terrorism and Intelligence, stated that Iran’s cyber attacks against Albania violate norms and responsible state behavior in peacetime.

He further warned that Washington will not tolerate Iran’s increasing aggressive cyber activities against the United States or its allies and partners.

Albanian Prime Minister Edi Rama accused Iran on Wednesday of this week in an unprecedented video address of being involved in cyber attacks on the country’s infrastructure. He then ordered Iranian diplomats and staff to close Iran’s embassy and leave the country within 24 hours.

Tehran, in turn, condemned Albania’s action to sever diplomatic relations, considering it based on “baseless claims.”

The US Treasury further stated in its announcement that Iran’s Intelligence Ministry, under the leadership of Esmail Khatib, directs several networks of hackers for cyber espionage attacks and ransomware for political purposes, including the group “Muddy Water,” which, under the leadership of Iran’s Intelligence Ministry, has conducted extensive cyber attack campaigns since 2018, with the most recent example being this group’s attack on Turkish government institutions.

The report also referenced the hacking group “Persistent Advanced Threat 39,” which since September 2020 has engaged in large-scale theft of personal information for Iran’s Intelligence Ministry, likely in line with surveillance activities for human rights violations in Iran.

The US Treasury states that the aforementioned hacking group is under the control of Iran’s Intelligence Ministry and is connected to the smart computing company “Rana.”

In 2020, the US announced that the Iranian government had hired individuals under the name of Rana company for years to launch malware production campaigns against international companies, opponents of the Islamic Republic, and journalists.

Source: Radio Farda