OFAC Sanctions: Iran Cyber Actors, Mali Islamists


Tuesday the Treasury Department announced sanctions on Iranian cyber actors and representatives of Islamist extremists responsible for taking hostage U.S. nationals.

Iranian Cyber Actors

Treasury’s Office of Foreign Assets Control (OFAC) sanctioned two companies and four individuals involved in malicious cyber activity on behalf of the Iranian Islamic Revolutionary Guard Corps Cyber Electronic Command (IRGC-CEC).

These actors targeted more than a dozen U.S. companies and government entities through cyber operations, including spear phishing and malware attacks. In conjunction with today’s action, the U.S. Department of Justice and the Federal Bureau of Investigation is unsealing an indictment against the four individuals for their roles in cyber activity targeting U.S. entities.

“Iranian malicious cyber actors continue to target U.S. companies and government entities in a coordinated, multi-pronged campaign intended to destabilize our critical infrastructure and cause harm to our citizens,” said Under Secretary of the Treasury for Terrorism and Financial Intelligence Brian E. Nelson. “The United States will continue to leverage our whole-of-government approach to expose and disrupt these networks’ operations.”

Iranian cyber actors continue to target the United States using a wide range of malicious cyber activity, from conducting ransomware attacks against critical infrastructure to conducting spear phishing and other social engineering campaigns against individuals, companies, and government entities. The IRGC-CEC, one of the Iranian government organizations behind malicious cyber activity, works through a series of front companies to target the United States and several other countries. Although front company management and key personnel know their operations support the IRGC-CEC, much of the Iranian public is not aware that some companies in Iran, such as Mehrsam Andisheh Saz Nik, are used as front companies to support the IRGC-CEC. The Iranian public should be aware that the IRGC-CEC uses private companies and their employees to achieve illegal goals.

 In February 2024, OFAC designated six IRGC-CEC officials in response to recent cyber operations in which IRGC-affiliated cyber actors manipulated programmable logic controllers, which impacted critical infrastructure systems, including in the United States.

While these particular operations did not disrupt any critical services, unauthorized access to critical infrastructure systems can enable actions that harm the public and cause devasting humanitarian consequences. 

West African Hostage Takers

OFAC has sanctioned two leaders of al-Qa’ida-aligned terrorist group Jama’at Nusrat al-Islam wal-Muslimin (JNIM) for hostage-taking of U.S. persons in West Africa.  

JNIM is an al-Qa’ida-aligned terrorist group operating in northwestern Africa. The Department of State designated JNIM as a Foreign Terrorist Organization (FTO) and Specially Designated Global Terrorist (SDGT) on September 6, 2018. Treasury has previously targeted JNIM in 2019, in response to terrorist attacks in Mali, including one that killed 21 Malian soldiers.

Click here for more information on the individuals and entities designated.



No comments on this item Please log in to comment by clicking here