Washington: The Iranian government supports a hacking group responsible for recent Ransomware attacks on targets in the United States and Australia, the US Cybersecurity Agency said Wednesday.
“APT actors who are sponsored by the Iranian government are actively targeting various kinds of victims in several US critical infrastructure sectors, including the transportation and public health and health sectors,” said the Cybersecurity and Infrastructure Security Agency (CISA) in the warning.
It was said that experts at the FBI, the Australian Cyber security center, and the British national cyber security center jointly achieved conclusions about Tehran’s support for the “APT” group, or “continuous threat,” the appointment that is often given to Countries supported by hackers.
Since at least March 2021, the Group has exploited vulnerabilities in Microsoft Exchange and Fortinet software to hack into the system, including those from the city government and children’s hospitals, Cisa said.
“APT actors sponsored by the Iranian government can utilize this access to follow-up operations, such as exfiltration data or encryption, ransomware, and extortion,” he said.
Cisa does not identify specific targets for groups in the United States or Australia, or say how successful they are.
The US Homeland security department estimates that the ransomware striker extorted the Leat of $ 350 million from the victim last year.
The US said the Iranian government was behind a ransomware attack
