At it again © Associated Press/Michel Spingler Federal agencies in the United States, United Kingdom and Australia on Wednesday warned that hackers linked to the Iranian government are behind an ongoing campaign targeting critical infrastructure, including hospitals. International warning: The FBI, the Cybersecurity and Infrastructure Security Agency (CISA), the U.K.’s National Cyber Security Centre (NCSC) and the Australian Cyber Security Centre (ACSC) outlined the malicious activity in a joint advisory. The agencies noted that the hackers had targeted “a broad range of victims across multiple U.S. critical infrastructure sectors” since at least March of this year, often through exploiting vulnerabilities in devices from cybersecurity group Fortinet and Microsoft Exchange ProxyShell to launch ransomware attacks. Key organizations hit: The Iranian-linked advanced persistent threat group (APT) was specifically found to be targeting the U.S. health and transportation sectors, including a hospital specializing in children’s care in July, and to have gone after a domain for a U.S. municipal government in May. The ACSC has also seen the hackers target victims in Australia. “FBI, CISA, ACSC, and NCSC assess the actors are focused on exploiting known vulnerabilities rather than targeting specific sectors,” the advisory reads. “These Iranian government-sponsored APT actors can leverage this access for follow-on operations, such as data exfiltration or encryption, ransomware, and extortion.” Read more here. |
No comments:
Post a Comment