Read Time:1 Minute, 37 Second
Australian organisations should be aware of ongoing malicious cyber activity conducted by Iranian government-affiliated Advanced Persistent Threat (APT) actors.
Recently, the Australian Cyber Security Centre (ACSC) issued an advisory in response to increased reporting of malicious cyber activity directed at Australian organisations by Iranian state-sponsored actors.
“This advisory updates a prior technical advisory from November 2021 detailing Iranian Government-sponsored APT cyber actors exploiting known vulnerabilities and provides new technical information about continuous malicious cyber activity by the IRGC. It has been developed with the United States (Federal Bureau of Investigation, Cybersecurity and Infrastructure Security Agency, National Security Agency, U.S. Cyber Command Cyber National Mission Force, Department of the Treasury), the United Kingdom (National Cyber Security Centre) and Canada (Canadian Centre for Cybersecurity),” ASCS said.
The actors are believed to be part of the Islamic Revolutionary Guard Corps (IRGC). They have been behind several recent high-profile cyber attacks targeting different Australian businesses and organisations, including government, critical infrastructure, media, and oil and gas companies.
The attackers use techniques to gain initial access to victim networks, including phishing emails, watering hole attacks, and password spraying.
Once they have gained access to a system, Iranian state-sponsored actors often conduct further activities, such as privilege escalation, lateral movement, and data exfiltration.
Organisations should take steps to protect themselves from these threats, including implementing strong security measures and keeping up to date with the latest information on cyber threats. Also, reporting cybercrime and suspicious activity helps keep everyone safe online and allows authorities to investigate and shut down illegal activity.
If you believe your organisation has been targeted by cybercrime or if you have noticed any strange or suspicious activity on your computer or online account, it’s essential to report it as soon as possible.
You can report cybercrime and cyber security incidents to ReportCyber, or call the 24/7 Australian Cyber Security Hotline on 1300 CYBER1 (1300 292 371).
Happy
0 %
Sad
0 %
Excited
0 %
Sleepy
0 %
Angry
0 %
Surprise
0 %
0
0
