The sanctions were specifically slapped against Iran’s Ministry of Intelligence and Security (MOIS) and its Minister of Intelligence – which are tasked to aid the Iran government’s
Targeting an Ally Nation
Countries with uncommon interests targeting each other in cyber means, as we see several state-sponsored hacking teams hitting their enemy countries for various purposes – almost every month. And Iran’s cyberattack on the Albanian government in July this year is something similar! As reported by several security agencies and even independent researchers, Iran’s Ministry of Intelligence and Security (MOIS) has disrupted the cyberinfrastructure of the Albanian government, ultimately forcing it to suspend online public services for its citizens. This incident was confirmed by Albanian Prime Minister Edi Rama, who on Wednesday announced cutting diplomatic ties with Iran and asked all its embassy staff to return within 24 hours. Soon, the U.S. government, NATO, and the U.K. also formally blamed Iran for these attacks.
— Jens Stoltenberg (@jensstoltenberg) September 8, 2022 And now, taking a step further, the US Treasury Department has announced sanctions against Iran’s Ministry of Intelligence and Security. The threat actor in this scene was noted to be MuddyWatter – a state-sponsored group of Iran’s MOIS also tracked as SeedWorm and TEMP.Zagros. First spotted in 2017, the cyber espionage group is held accountable for several cyberattacks in Middle Eastern countries, targeting dissidents and government organizations. Also, several security firms have linked MuddyWatter to attacks against governments in Central and Southwest Asia, North America, Europe, and Asia [1, 2, 3]. Aside from sabotaging the rival nation’s infrastructure, the MuddyWatter and APT39 – another hacking team linked to Iran’s government – were known for reconnaissance operations aligned with Iranian interests.