Washington accuses the Iranian government of supporting cyber attacks on American companies
The US Department of Homeland Security warned – on Wednesday – that a group of hackers “sponsored by the Iranian government” are carrying out disruptive cyber attacks against American companies, including health care providers and transportation companies.
The alert, prepared by the Federal Bureau of Investigation and the Department of Homeland Security’s Cyber Security and Infrastructure Security Agency, said hackers exploit vulnerabilities in legacy software from Microsoft and Fortinet products to infiltrate computer networks.
Although these vulnerabilities have been patched, some customers have not upgraded their networks.
“Advanced Persistent Threat actors, sponsored by the Iranian government, actively target a broad range of victims across many critical infrastructure sectors in the United States, including transportation, healthcare, and public health, as well as Australian organizations,” the warning reads.
Microsoft said on Tuesday in a blog post that it had detected 6 different Iranian groups of hackers working with ransomware since September 2020.
Ransomware usually works by encrypting the target computer’s data, making it unusable until a sum of money is sent to the hackers.
“As Iranian technicians seek to hone their strategic goals and skills, they have evolved over time into more efficient threat actors, capable of conducting a variety of operations,” says an analysis by the company.
The US Department of Homeland Security believes that ransomware attackers took at least $350 million from their victims last year.