DHS, FBI & NSA Recommendations To Protect Your Company From Iranian Cyber Warfare
The Cybersecurity and Infrastructure Security Agency (CISA), the FBI, the National Security Agency (NSA), and others, released a joint Cybersecurity Advisory (CSA) with details on protecting against cyber activity by “advanced persistent threat” (APT) actors affiliated with the Iranian Government’s Islamic Revolutionary Guard Corps.
The U.S. agencies assess that critical infrastructure sectors and organizations in the U.S. are being actively targeted. After gaining access to a network, the APT actors likely determine a course of action based on their perceived value of the data, which could lead them to encrypting data for ransom and/or exfiltrating data.
In addition to enforcing multifactor authentication, making offline backups of your data, securing remote desktop protocol (RDP), the agencies encourage organizations to immediately patch software affected by vulnerabilities that are identified in the advisory.
All companies are encouraged to review the joint Cybersecurity Advisory for details on recommended mitigations.