Iran Launches Brutal Cyber Attacks on Critical Infrastructure

Iranian Threat Actor Campaign Targets Critical Infrastructure Access

Security agencies from the United States, along with international partners, have issued a warning about an ongoing Iranian cyber campaign that targets critical infrastructure through brute-force attacks. This campaign, which has been active for over a year, aims to compromise various sectors including healthcare, government, IT, engineering, and energy.

The FBI, CISA, NSA, and cybersecurity agencies from Canada and Australia have highlighted the need for organizations to enhance their security measures by ensuring strong passwords and implementing a second form of authentication on all accounts. The threat actors behind this campaign are selling access to compromised infrastructure to cybercriminals.

The advisory follows recent reports of Iranian threat actors targeting political organizations to undermine confidence in U.S. democratic institutions. Additionally, there have been instances of these threat actors selling critical infrastructure access to ransomware groups.

The Iranian threat actors have been employing brute-force techniques like password spraying and MFA ‘push bombing’ to gain access to user accounts within organizations. They then proceed to obtain sensitive information and credentials to facilitate further access.

Among the targeted systems are Microsoft 365, Azure, and Citrix, where the threat actors exploit vulnerabilities to register their devices with MFA and gain persistent access. They also utilize VPN services, Remote Desktop Protocol, and various tools to extract credentials and information from compromised networks.

The advisory includes indicators of compromise to help organizations detect and prevent brute-force attacks, as well as specific file hashes associated with the Iranian campaign. Notably, one of the identified file hashes had gone undetected by the majority of security tools before the advisory was issued.
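A defender-side sketch of how the two techniques named above, password spraying and MFA push bombing, show up in authentication logs. This is an added example, not code from the advisory; the event-type names, thresholds and sample events are constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample events (time, source IP, user, event type); the event-type
# names are hypothetical and must be mapped to your identity provider's log schema.
SPRAY = [(f"2024-10-01T08:{4 * i:02d}:00", "203.0.113.7", u, "login_fail")
         for i, u in enumerate(["alice", "bob", "carol", "dave", "erin"])]
BENIGN = [("2024-10-01T08:20:00", "198.51.100.20", "frank", "login_fail"),
          ("2024-10-01T08:21:00", "198.51.100.20", "frank", "login_fail"),
          ("2024-10-01T08:22:00", "198.51.100.20", "frank", "mfa_timeout"),
          ("2024-10-01T08:23:00", "198.51.100.20", "frank", "mfa_approved")]
BOMB = [(f"2024-10-01T09:0{i}:00", "203.0.113.7", "bob", "mfa_denied") for i in range(6)]
BOMB.append(("2024-10-01T09:06:00", "203.0.113.7", "bob", "mfa_approved"))
SAMPLE_EVENTS = SPRAY + BENIGN + BOMB

def parse(events):
    return sorted((datetime.fromisoformat(t), ip, u, k) for t, ip, u, k in events)

def detect_spraying(events, window=timedelta(minutes=30), min_users=4):
    """Map source IP -> most distinct accounts it failed against in one window."""
    fails = defaultdict(list)
    for ts, ip, user, kind in parse(events):
        if kind == "login_fail":
            fails[ip].append((ts, user))
    flagged = {}
    for ip, items in fails.items():
        start = 0
        for end, (ts, _) in enumerate(items):
            while ts - items[start][0] > window:   # slide the window forward
                start += 1
            users = {u for _, u in items[start:end + 1]}
            if len(users) >= min_users:
                flagged[ip] = max(flagged.get(ip, 0), len(users))
    return flagged

def detect_push_bombing(events, window=timedelta(minutes=10), min_prompts=5):
    """List (user, ip, count) where an approval follows a burst of rejected pushes."""
    rejected, hits = defaultdict(list), []
    for ts, ip, user, kind in parse(events):
        if kind in ("mfa_denied", "mfa_timeout"):
            rejected[user].append(ts)
        elif kind == "mfa_approved":
            recent = [p for p in rejected[user] if ts - p <= window]
            if len(recent) >= min_prompts:
                hits.append((user, ip, len(recent)))
            rejected[user].clear()
    return hits

if __name__ == "__main__":
    print(detect_spraying(SAMPLE_EVENTS), detect_push_bombing(SAMPLE_EVENTS))
```

A single user mistyping a password, as in the constructed `frank` events, stays below both thresholds; tune the window and counts against your own baseline.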

Security teams are urged to remain vigilant against such cyber threats and monitor their systems for any signs of malicious activity. Enhanced security measures are crucial in mitigating the risks posed by these Iranian threat actors targeting critical infrastructure.
