U.S. cyber agencies, the FBI, and the NSA today issued an urgent warning about possible cyberattacks from Iranian hackers targeting critical infrastructure.
CISA says there are no signs of an ongoing campaign, but because of the current unrest in the Middle East and earlier cyberattacks from Iran, it is warning critical infrastructure organizations and other potential targets.
In a joint fact sheet, the cyber agencies warned that Defense Industrial Base (DIB) companies connected to Israeli defense and research are at increased risk of being targeted. Organizations in other critical infrastructure sectors, including energy, water, and healthcare, are also considered potential targets.
The advisory warns that Iranian threat actors are known to exploit unpatched vulnerabilities or use default passwords to breach systems. This was observed last year, when IRGC-affiliated Iranian threat actors breached a Pennsylvania water facility in November 2023 by hacking Unitronics programmable logic controllers (PLCs) that were exposed online.
Iranian-affiliated hackers also act as hacktivists, conducting distributed denial-of-service (DDoS) attacks or defacing websites. These attacks are often combined with politically motivated messaging, with the attackers promoting their activities on X and Telegram.
Iranian threat actors have also been seen using ransomware or working as affiliates of Russian ransomware gangs, such as NoEscape, RansomHouse, and ALPHV (also known as BlackCat). Many of these attacks focused on Israeli companies, where the attackers encrypted devices and leaked stolen data.
In some cases, the attackers used data wipers instead of ransomware to conduct destructive attacks on organizations.
Mitigating attacks
CISA, DOD, the FBI, and the NSA urge organizations to adopt the following best practices to protect themselves from these threats:
- Separate OT and ICS systems from the public internet and restrict remote access.
- Use strong, unique passwords for all online accounts and systems, and replace all default account passwords.
- Enable multi-factor authentication (MFA) for critical systems and authentication platforms.
- Install all software updates, especially on internet-facing systems, to fix known vulnerabilities.
- Monitor networks and servers for abnormal activity.
- Develop and test incident response plans, and ensure that all backup and recovery plans are working.
For more information, organizations can read CISA's Iran Threat Overview and the FBI's Iran Threat web page.