The US Treasury Department has imposed sanctions on six Iranian military hackers, accusing them of carrying out cyberattacks against American water companies.
The attacks, which occurred in late 2023, did not result in any disruption of critical services, according to the Treasury Department. The hackers, operating under the guise of a pro-Iran hacktivist collective named the “CyberAv3ngers,” in reality are the group linked to the Islamic Revolutionary Guard Corps, a military branch of Iran.
The six sanctioned individuals are named as Hamid Reza Lashgarian, the head of the Iranian Islamic Revolutionary Guard Corps Cyber-Electronic Command (IRGC-CEC) and a commander in the IRGC-Qods Force, Mahdi Lashgarian, Hamid Homayunfal, Milad Mansuri, Mohammad Bagher Shirinkar, and Reza Mohammad Amin Saberian, who are senior officials of the IRGC-CEC.
Late last November, the hackers targeted multiple water utilities across the United States, all running the same Israeli-made industrial equipment, Unitronics Vision Series PLCs. The incidents first came to public attention after Cyber Av3ngers took control over water pumps in the town of Aliquippa, Pennsylvania, by exploiting a Unitronics PLC and displayed an anti-Israel message on the compromised computer screens.
The news comes after the US authorities sanctioned two Egyptian IT experts for providing cybersecurity support and training to the terrorist organization ISIS, including the use of cryptocurrency and supporting the group’s recruitment and propaganda.
One of the sanctioned individuals is Mu’min Al-Mawji Mahmud Salim (Mu’min Al-Mawji), the creator and leader of the ISIS-affiliated platform Electronic Horizons Foundation (EHF), which provides cybersecurity guidance and training to ISIS supporters seeking to evade law enforcement scrutiny of their online activities.