FILE - A magnifying glass is held in front of a computer screen in this picture illustration taken in Berlin, May 21, 2013.
FILE - A magnifying glass is held in front of a computer screen in this picture illustration taken in Berlin, May 21, 2013.

BRUSSELS - Iran is likely to expand its cyberespionage activities as its relations with Western powers worsen, the European Union digital security agency said Monday.

Iranian hackers are behind several cyberattacks and online disinformation campaigns in recent years as the country tries to strengthen its clout in the Middle East and beyond, a Reuters Special Report published in November found.

This month the European Union imposed its first sanctions on Iran since world powers agreed to a 2015 nuclear deal with Tehran, in a reaction to Iran's ballistic missile tests and assassination plots on European soil.

European Union flags are seen outside the European Commission headquarters in Brussels, Sept. 10, 2014.
In Shift, EU Sanctions Iran Over Planned Europe Attacks

The European Union on Tuesday froze the assets of an Iranian intelligence unit and two of its staff, as the Netherlands accused Iran of two killings on its soil and joined France and Denmark in alleging Tehran plotted other attacks in Europe.

The move, although in part symbolic since one of the men is in prison in Belgium, marks the first time the EU has enacted sanctions on Iran since lifting a host of curbs on it three years ago following its 2015 nuclear pact with world powers.

The decision, which includes designating the unit and the two Iranians as terrorists, follows last year's

"Newly imposed sanctions on Iran are likely to push the country to intensify state-sponsored cyber threat activities in pursuit of its geopolitical and strategic objectives at a regional level," the European Union Agency for Network and Information Security (ENISA) said in a report.

A senior Iranian official rejected the report, saying "these are all part of a psychological war launched by the United States and its allies against Iran."

ENISA lists state-sponsored hackers as among the highest threats to the bloc's digital security.

It said that China, Russia and Iran are "the three most capable and active cyber actors tied to economic espionage." Iran, Russia and China have repeatedly denied U.S. allegations that their governments conduct cyberattacks.

Mohammad Mehdi Shah Mansouri & Faramarz Shahi Sava
FILE - Mohammad Mehdi Shah Mansouri and Faramarz Shahi Savandi are wanted for allegedly launching SamSam ransomware, which encrypted hundreds of computer networks in the United States and other countries.

A malicious computer worm known as Stuxnet that was used to attack a uranium enrichment facility at Iran's Natanz underground nuclear site a decade ago is widely believed to have been developed by the United States and Israel.

When Washington imposed sanctions on several Iranians in March 2018 for hacking on behalf of the Iranian government, Iran's foreign ministry denounced the move as "provocative, illegitimate, and without any justifiable reason."

In November, the United States indicted two Iranians for launching a major cyberattack using ransomware known as SamSam and sanctioned two others for helping exchange the ransom payments from Bitcoin digital currency into rials.

Cyber activities are expected to increase in coming months, particularly if Iran fails to keep the EU committed to a 2015 landmark nuclear deal, ENISA said.