In November last year, Australian, UK and US cyber security agencies issued a joint warning, advising that Iranian actors conducted ransomware attacks against US targets and gained access to a wide range of critical infrastructure networks.
US officials are advising businesses to take action in backing up their data and keeping their systems up to date, in order to protect their organisations from Iranian hackers. These hackers are targeting various infrastructures, including the transportation and healthcare sectors, as well as corporate Australian organisations.
Who was targeted?
Security experts from the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), the Australian Cyber Security Center (ACSC) and the United Kingdom’s National Cyber Security Center (NCSC) found an ongoing malicious cyber activity by an APT group associated with Iran.
The hackers, who are believed to be sponsored by the Iranian Government, are targeting a wide range of victims across a number of critical infrastructure sectors.
Warnings from US, UK and Australia
The United States, Britain and Australia put out a joint warning in regard to the Iranian attackers, which lead to gaining a variety of network infrastructures, including a Children’s Hospital in America, that would permit more attacks.
With the focus this year on the Russian’s ransomware attack against the US on a meat processing company, and a major US oil pipeline attack which caused a shortage of gas, the Iranian attack came as a surprise.
Iran’s Ransomware History
While the Iranian ransomware may have come as a surprise to the Americans, this has been part of everyday life in Israel for more than a year. The Iranian actors have targeted almost every sector of Israel’s economy and society. Due to Iran’s successful use of ransomware against Israel, it has likely been encouraged to expand and focus on America.
For further information on protecting and implementing your cybersecurity defences, contact Agilient today.
Author: Mahdi Kobeissi, Cyber Security Consultant