Hacked Documents Reveal Iran’s Strategies To Bypass Sanctions

A session of the Iranian parliament
A session of the Iranian parliament

Documents leaked following the hack of the Iranian parliament’s media arm have uncovered a wide range of Tehran’s strategies to circumvent US sanctions. 

The documents revealed the parliament's coordination with designated Iranian entities and individuals to facilitate their trade activities and conceal their identities and connections from international regulatory bodies. The measures include manipulating purchase documents and customs regulations as well as banking incentives and foreign currency supplies to offset the damages incurred due to sanctions. 

Uprising till Overthrow, closely affiliated with the Albania-based opposition Mujahideen-e Khalq (MEK) organization, said they breached 600 of the main servers of the parliament, commission, main chamber, parliament assistant, parliament bank, and other servers related to administrative functions, via the Khaneh Mellat News Agency.

Among the vast array of internal communications and confidential documents leaked Tuesday is a 14-page letter that outlines numerous methods of bypassing sanctions and supporting sanctioned individuals and entities discussed in a session of Iran’s Sanctions Counteraction Headquarters held in August 2023.

The confidential letter is signed by Mohammad Mirmohammadi, the Deputy for Economic and Technological Affairs of the Secretariat of the Supreme National Security Council, addressed to Mohsen Rezaei, the Secretary of the Supreme Council of Economic Coordination of the Branches of Government. A copy of the letter was also sent to the heads of the three branches of Iran’s government, namely the president and the chief justice as well as the Parliament Speaker. 

A sample page of the document leaked by hacktivist group Uprising till Overthrow
A sample page of the document leaked by hacktivist group Uprising till Overthrow

The Sanctions Counteraction Headquarters was established in 2018 after the US withdrawal from the JCPOA. Es'haq Jahangiri, the First Vice President of the Rouhani administration, announced the establishment of this headquarters, saying, "In the new conditions, country managers do not have the right to surrender to the conditions and must find solutions for selling oil and providing the country's needs." 

According to the leaked letter, the HQ decreed that sanctioned individuals have the "possibility to change their identity for the purpose of continuing their activities." They will also benefit from other facilities such as "financial incentives in banking, insurance, tax, and customs areas."

Another resolution included "provision of protective and security coverage" to all managers, agents, and people working to neutralize sanctions, aimed at "immunizing" them against incurred damages. 

Mentioned in the letter is the provision of legal-judicial services domestically and internationally to support people at risk of retribution for their efforts to evade sanctions. Methods of bypassing the restriction to import sanctioned goods and dual-use goods are also addressed, in addition to practices such as not providing a certificate of origin or accepting a mismatched certificate of origin from non-Iranian businesses, tampering with documents with names inconsistent with the buyer, and changing the name or details of the purchase agreement.

Using foreign intermediaries for sanctioned goods was also introduced as a common practice with customs permitted to change declarations to avoid the disclosure of information about the imported goods. 

Such mechanisms have, over a number of years, effectively established a hidden financial system that has become an integral part of Iran's economy. The authorities of the Islamic Republic have repeatedly acknowledged their efforts to circumvent US sanctions, and some people in Europe and the US have been detained on charges of involvement in this circumvention. 

The timing of the cyberattack is notable as it coincides with the upcoming parliamentary elections, scheduled for March 1st, which have been marred by extensive disqualifications of candidates, raising concerns about the integrity of the electoral process. This isn't the first time Uprising till Overthrow has targeted Iranian government agencies. In June, the group exposed documents from the Iranian presidential system, shedding light on activities of the Revolutionary Guards in suppressing protests.