The US government, along with its counterparts in Australia and the UK, has warned that Iranian state-sponsored hackers are targeting US companies in critical infrastructure sectors – in some cases with ransomware.

The rare warning linking Iran to ransomware landed in a joint report by the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), the Australian Cyber ​​Security Center (ACSC) and Wednesday the UK National Cyber ​​Security Center (NCSC).

The report states that attackers supported by Iran have been exploiting Fortinet vulnerabilities since at least March and a Microsoft Exchange ProxyShell vulnerability since October in order to gain access to US critical infrastructure organizations in the transport and health sectors as well as to organizations in Australia. The ultimate goal of the hackers is to use this access for follow-up operations such as data exfiltration, extortion and …

Source link

Leave a Reply