Jump to content
  • US sanctions Iran’s Ministry of Intelligence over Albania cyberattack

    alf9872000

    • 446 views
    • 3 minutes
     Share


    • 446 views
    • 3 minutes

    The U.S. Treasury Department announced sanctions today against Iran's Ministry of Intelligence and Security (MOIS) and its Minister of Intelligence for their role in the July cyberattack against the government of Albania, a U.S. ally and a NATO member state.

     

    MOIS is the Iranian government's leading intelligence agency, tasked with coordinating intelligence and counterintelligence efforts, as well as covert actions supporting the Islamic regime's goals beyond the country's borders.

     

    "Since at least 2007, the MOIS and its cyber actor proxies have conducted malicious cyber operations targeting a range of government and private-sector organizations around the world and across various critical infrastructure sectors," the Treasury Dept's Office of Foreign Assets Control (OFAC) said.

     

    "In July 2022, cyber threat actors assessed to be sponsored by the Government of Iran and MOIS disrupted Albanian government computer systems, forcing the government to suspend online public services for its citizens."

     

    After linking the July cyberattack that targeted Albanian government infrastructure to Iranian threat actors, Albanian Prime Minister Edi Rama announced on Wednesday that the country severed diplomatic ties with Iran and asked all embassy staff to leave within 24 hours.

     

    The U.S. governmentNATO, and the U.K. also formally blamed Iran for its reckless cyberattacks against Albania, saying the country would be held accountable for threatening the security of a NATO ally.

     

    "Iran's cyber attack against Albania disregards norms of responsible peacetime State behavior in cyberspace, which includes a norm on refraining from damaging critical infrastructure that provides services to the public," said Brian E. Nelson, the Treasury's Under Secretary for Terrorism and Financial Intelligence today.

     

    "We will not tolerate Iran's increasingly aggressive cyber activities targeting the United States or our allies and partners."

     

    2022-09-09-222758.jpg

    MOIS-controlled threat groups

    Earlier this year, U.S. Cyber Command (USCYBERCOM) officially linked the Iranian-backed MuddyWatter threat group to Iran's Ministry of Intelligence and Security (MOIS).

     

    This cyber-espionage group (also known as SeedWorm and TEMP.Zagros) was first spotted in 2017 and is known for focusing its espionage attacks on Middle Eastern entities targeting dissidents and government organizations.

     

    MuddyWater was also linked to attacks against government and defense entities in Central and Southwest Asia and numerous privately-held and public orgs from North America, Europe, and Asia [123].

     

    MOIS is also known for controlling APT39, another cyber espionage group engaging in surveillance operations aligned with Iranian interests since November 2014.

     

    "MOIS carries out cyber espionage and disruptive ransomware attacks on behalf of the Iranian government in parallel with the other Iranian security service the IRGC," John Hultquist, Mandiant's Vice President of Intelligence Analysis, told BleepingComputer.

     

    "These actors have also been involved in ransomware incidents that may have been ultimately designed for disruptive purposes rather than financial gain. Those operations were a template for the Albania attack."

     

    Source: Bleeping Computer

    https://www.bleepingcomputer.com/news/security/us-sanctions-iran-s-ministry-of-intelligence-over-albania-cyberattack/


    User Feedback

    Recommended Comments

    There are no comments to display.



    Join the conversation

    You can post now and register later. If you have an account, sign in now to post with your account.
    Note: Your post will require moderator approval before it will be visible.

    Guest
    Add a comment...

    ×   Pasted as rich text.   Paste as plain text instead

      Only 75 emoji are allowed.

    ×   Your link has been automatically embedded.   Display as a link instead

    ×   Your previous content has been restored.   Clear editor

    ×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...