US sanctions Iranian nationals for cyberattacks against banks

US sanctions Iranian nationals for cyberattacks against banks
© Keren Carrion

The Trump administration on Thursday sanctioned seven Iranian nationals and an Iran-based computer security company for their role in cyberattacks targeting the U.S. financial system.

The Treasury Department announced sanctions on 11 entities and individuals for supporting Iran’s elite Islamic Revolutionary Guards Corps (IRGC) and networks responsible for cyberattacks targeting the U.S. financial system. 

The seven Iranian nationals added to the Office of Foreign Assets Control sanctions list are the same ones indicted by the Justice Department in March 2016 for their role in coordinated cyberattacks against the U.S. financial sector between 2011 and 2013.

Treasury Secretary Steven MnuchinSteven Terner MnuchinHillicon Valley: Mnuchin urges antitrust review of tech | Progressives want to break up Facebook | Classified election security briefing set for Tuesday | Tech CEOs face pressure to appear before Congress Pair sought big contracts from Gulf princes in exchange for access to Trump: report Overnight Finance: Trump signs repeal of auto-loan policy | Justices uphold contracts that bar employee class-action suits | US, China trade war 'on hold' MORE cast the new sanction as part of a broader effort by the Trump administration to “take strong actions to counter Iran’s provocations.”

Those sanctioned include a private Iranian computer security company called ITSec Team, which allegedly conducted distributed denial of service (DDoS) attacks against at least nine large U.S. financial organizations, including banks and stock exchanges, between 2011 and 2012. The security company also did work on behalf of the Iranian government during the same period, according to the Treasury.

The administration also sanctioned three Iranian nationals for acting in connection with ITSec Team and sanctioned four Iranian nationals for their work on behalf of an Iran-based computer security company called Mersad Co., which has been affiliated with the IRGC, the Treasury said.

Both computer security companies are accused of coordinating DDoS attacks against 46 major companies, many of them part of the U.S. financial sector, between December 2011 and May 2013. 

“Treasury will continue to take strong actions to counter Iran’s provocations, including support for the IRGC-Qods Force and terrorist extremists, the ongoing campaign of violence in Syria, and cyber-attacks meant to destabilize the U.S. financial system,” Mnuchin said in a statement.