美国制裁6名伊朗官员，指控其进行关键基础设施的网络攻击

The U.S. Treasury Department's Office of Foreign Assets Control (OFAC) announced sanctions against six officials associated with the Iranian intelligence agency for attacking critical infrastructure entities in the U.S. and other countries.

美国财政部外国资产控制办公室（OFAC）宣布对与伊朗情报机构攻击美国和其他国家重要基础设施实体有关的六名官员实施制裁。

The officials include Hamid Reza Lashgarian, Mahdi Lashgarian, Hamid Homayunfal, Milad Mansuri, Mohammad Bagher Shirinkar, and Reza Mohammad Amin Saberian, who are part of the Iranian Islamic Revolutionary Guard Corps Cyber-Electronic Command (IRGC-CEC).

这些官员包括哈米德·雷扎·拉什加里安，马赫迪·拉什加里安，哈米德·何迈尼法尔，米拉德·曼苏里，穆罕默德·巴赫尔·希林卡尔和雷扎·穆罕默德·阿明·萨贝里安，他们是伊朗伊斯兰革命卫队网络电子指挥部（IRGC-CEC）的一部分。

Reza Lashgarian is also the head of the IRGC-CEC and a commander in the IRGC-Qods Force. He is alleged to have been involved in various IRGC cyber and intelligence operations.

雷扎·拉什加里安还是伊斯兰革命卫队网络电子指挥部的负责人和伊斯兰革命卫队圣城军的指挥官。据称他参与了众多伊斯兰革命卫队的网络和情报行动。

The Treasury Department said it's holding these individuals responsible for carrying out "cyber operations in which they hacked and posted images on the screens of programmable logic controllers manufactured by Unitronics, an Israeli company."

财政部表示，对这些个人负责进行了"网络行动，他们入侵并在以色列公司Unitronics制造的可编程逻辑控制器的屏幕上发布了图像。"

In late November 2023, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) revealed that the Municipal Water Authority of Aliquippa in western Pennsylvania was targeted by Iranian threat actors by exploiting Unitronics PLCs.

2023年11月底，美国网络安全与基础设施安全局（CISA）透露，宾夕法尼亚州西部的阿利奎帕市自来水权威遭到伊朗威胁行动者的攻击，利用了Unitronics PLCs。

The attack was attributed to an Iranian hacktivist persona dubbed Cyber Av3ngers, which came to the forefront in the aftermath of the Israel-Hamas conflict, staging destructive attacks against entities in Israel and the U.S.

这次攻击被归因于一个名为"网络复仇者"的伊朗黑客人物，该人物在以色列和美国的实体中发动破坏性攻击，并在以色列-哈马斯冲突之后引起关注。

The group, which has been active since 2020, is also said to be behind several other cyber attacks, including one targeting Boston Children's Hospital in 2021 and others in Europe and Israel.

该组织自2020年以来一直活跃，据说还发动了多起其他网络攻击，包括2021年针对波士顿儿童医院的攻击以及欧洲和以色列的其他攻击。

"Industrial control devices, such as programmable logic controllers, used in water and other critical infrastructure systems, are sensitive targets," the Treasury Department noted.

"工业控制设备，如可编程逻辑控制器，用于水和其他关键基础设施系统，是敏感目标，"财政部指出。

"Although this particular operation did not disrupt any critical services, unauthorized access to critical infrastructure systems can enable actions that harm the public and cause devastating humanitarian consequences."

"尽管这次特定行动没有破坏任何关键服务，但对关键基础设施系统的未经授权访问可能导致损害公众并造成灾难性人道后果。"

The development comes as another pro-Iranian "psychological operation group" known as Homeland Justice said it attacked Albania's Institute of Statistics (INSTAT) and claimed to have stolen terabytes of data.

这一进展发生在另一个名为"祖国正义"的亲伊朗"心理操作组织"宣称对阿尔巴尼亚统计研究所（INSTAT）发动了攻击，并声称窃取了几TB的数据。

Homeland Justice has a track record of targeting Albania since mid-July 2022, with the threat actor most recently observed delivering a wiper malware codenamed No-Justice.

祖国正义自2022年7月中旬以来一直攻击阿尔巴尼亚，最近观察到该威胁行动者传递了一种名为"无正义"的抹布恶意软件。

原文始发于微信公众号（知机安全）：美国制裁6名伊朗官员，指控其进行关键基础设施的网络攻击