Iran Launches Brutal Cyber Attacks on Critical Infrastructure

Iranian Threat Actor Campaign Targets Critical Infrastructure Access

Security agencies from the United States, along with international partners, have issued a warning about an ongoing Iranian cyber campaign that targets critical infrastructure through brute-force attacks. This campaign, which has been active for over a year, aims to compromise various sectors including healthcare, government, IT, engineering, and energy.

The FBI, CISA, NSA, and cybersecurity agencies from Canada and Australia have highlighted the need for organizations to enhance their security measures by ensuring strong passwords and implementing a second form of authentication on all accounts. The threat actors behind this campaign are selling access to compromised infrastructure to cybercriminals.

The advisory follows recent reports of Iranian threat actors targeting political organizations to undermine confidence in U.S. democratic institutions. Additionally, there have been instances of these threat actors selling critical infrastructure access to ransomware groups.

The Iranian threat actors have been employing brute-force techniques like password spraying and MFA ‘push bombing’ to gain access to user accounts within organizations. They then proceed to obtain sensitive information and credentials to facilitate further access.

Among the targeted systems are Microsoft 365, Azure, and Citrix, where the threat actors exploit vulnerabilities to register their devices with MFA and gain persistent access. They also utilize VPN services, Remote Desktop Protocol, and various tools to extract credentials and information from compromised networks.

The advisory includes indicators of compromise to help organizations detect and prevent brute-force attacks, as well as specific file hashes associated with the Iranian campaign. Notably, one of the identified file hashes had gone undetected by the majority of security tools before the advisory was issued.
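
As an added illustration (not code from the advisory or from this article), the sketch below shows how a defender might flag the two brute-force patterns named above, password spraying and MFA push bombing, in sign-in logs. The log format, event names and thresholds are assumptions, and the sample events are constructed.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample sign-in log (not from the advisory): time, source IP, user, event.
RAW = """\
2024-10-01T02:00:05 203.0.113.7 alice login_fail
2024-10-01T02:00:41 203.0.113.7 bob login_fail
2024-10-01T02:01:17 203.0.113.7 carol login_fail
2024-10-01T02:01:52 203.0.113.7 dave login_fail
2024-10-01T02:02:30 203.0.113.7 erin login_ok
2024-10-01T02:03:00 203.0.113.7 erin mfa_push_denied
2024-10-01T02:03:20 203.0.113.7 erin mfa_push_denied
2024-10-01T02:03:45 203.0.113.7 erin mfa_push_denied
2024-10-01T02:04:10 203.0.113.7 erin mfa_push_approved
2024-10-01T09:15:00 198.51.100.4 frank login_fail
2024-10-01T09:15:40 198.51.100.4 frank mfa_push_approved
"""
EVENTS = [(datetime.fromisoformat(t), ip, u, e)
          for t, ip, u, e in (line.split() for line in RAW.splitlines())]

def spray_sources(events, window=timedelta(minutes=10), min_users=4):
    """Source IPs whose failed logins hit >= min_users distinct accounts within one window."""
    fails = defaultdict(list)
    for ts, ip, user, event in events:
        if event == "login_fail":
            fails[ip].append((ts, user))
    flagged = set()
    for ip, rows in fails.items():
        rows.sort()
        for start, _ in rows:
            if len({u for t, u in rows if start <= t <= start + window}) >= min_users:
                flagged.add(ip)
                break
    return flagged

def push_bombed(events, window=timedelta(minutes=5), min_denied=3):
    """Map user -> True if an approval followed a burst of >= min_denied denied pushes."""
    pushes = defaultdict(list)
    for ts, _, user, event in events:
        if event.startswith("mfa_push_"):
            pushes[user].append((ts, event))
    result = {}
    for user, rows in pushes.items():
        denied = sorted(t for t, e in rows if e == "mfa_push_denied")
        for first, last in zip(denied, denied[min_denied - 1:]):
            if last - first <= window:
                result[user] = any(e == "mfa_push_approved" and last < t <= last + window for t, e in rows)
                break
    return result
```

A user mapped to `True` approved a prompt right after a burst of denials, which is the case to triage first; thresholds need tuning against normal sign-in volume.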

Security teams are urged to remain vigilant against such cyber threats and monitor their systems for any signs of malicious activity. Enhanced security measures are crucial in mitigating the risks posed by these Iranian threat actors targeting critical infrastructure.
