U.S. cyber officials and their colleagues in Australia and Britain on Wednesday accused Iranian government-sponsored attackers of targeting devices in the health and transport sectors to become victims of ransomware.
The FBI, Cybersecurity and Infrastructure Security Agency (CISA), the Australian Cyber Security Center (ACSC) and the UK National Cyber Security Center (NCSC) said attackers sponsored by the Iranian government had exploited cyber vulnerabilities to lay the groundwork for future ransomware attacks. attack.
“The Iranian government is sponsored [Advanced Persistent Threat] “players are actively targeting a wide range of victims across several US critical infrastructure sectors, including the transportation and health and public health sectors, as well as Australian organizations,” said a joint cyber security advisory from cyber officials. “The FBI, CISA, ACSC and NCSC assess that the actors are focused on exploiting known vulnerabilities rather than targeting specific sectors. These Iranian government-sponsored APT actors can exploit this access to follow-up operations such as data filtering or encryption, ransomware and extortion. ”
Cyber officials said they saw the attackers exploit vulnerabilities in Microsoft Exchange servers and Fortinet devices to gain access to victims’ systems.
For example, the advisory said the Iranian-sponsored attackers gained access to networks of a “US-based hospital specializing in pediatric health care” in June 2021.
U.S. officials and their allies urged people to take a number of steps to mitigate the threats posed by Iranian invaders, including updating operating systems, implementing network segmentation, using multi-factor authentication and strong passwords, and taking other steps to reduce the risk. of phishing attacks via, among other things, emails.
Disclaimers for mcutimes.com
All the information on this website - https://mcutimes.com - is published in good faith and for general information purpose only. mcutimes.com does not make any warranties about the completeness, reliability, and accuracy of this information. Any action you take upon the information you find on this website (mcutimes.com), is strictly at your own risk. mcutimes.com will not be liable for any losses and/or damages in connection with the use of our website.