Joint Advisory – Iranian Cyber Actors Targeting Critical Infrastructure Organizations Using Brute Force

Yesterday, CISA and other federal and international partners released a joint Cybersecurity Advisory (CSA) “Iranian Cyber Actors’ Brute Force and Credential Access Activity Compromise Critical Infrastructure.” The advisory highlights known indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs) used by Iranian cyber threat actors to disrupt organizations across critical infrastructure sectors. The threat posed by Iranian nation-state actors is one not to be dismissed by the water sector – as witnessed by the operational technology breach at the Municipal Water Authority of Aliquippa in November last year. Members are encouraged to review the joint advisory, the IOCs and TTPs used by these threat actors, and to follow the guidance in the mitigations section.

Yesterday, CISA and other federal and international partners released a joint Cybersecurity Advisory (CSA) “Iranian Cyber Actors’ Brute Force and Credential Access Activity Compromise Critical Infrastructure.” The advisory highlights known indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs) used by Iranian cyber threat actors to disrupt organizations across critical infrastructure sectors. The threat posed by Iranian nation-state actors is one not to be dismissed by the water sector – as witnessed by the operational technology breach at the Municipal Water Authority of Aliquippa in November last year. Members are encouraged to review the joint advisory, the IOCs and TTPs used by these threat actors, and to follow the guidance in the mitigations section.