US warns that Iranian government-sponsored hackers are targeting key US infrastructure
Health-ISAC Chief Security Officer, Errol Weiss is quoted in the article. Read the full article here:
https://www.cnn.com/2021/11/17/politics/us-iran-hackers-warning/index.html.
Washington (CNN) Iranian government-sponsored hackers are actively targeting a “broad range of victims” across multiple US sectors, including transportation and health care, and in some cases have deployed ransomware against those victims, US federal agencies and their counterparts from the United Kingdom and Australia warned on Wednesday.
It’s a rare case of the US government publicly linking Iran with ransomware, which is typically used by cybercriminals rather than governments. And it’s a reminder that America’s ransomware problem is not limited to Russia.
The Iranian hackers are exploiting known flaws in software made by Microsoft and California-based vendor Fortinet to access systems and at times lock them up with ransomware, according to the advisory from the FBI, US Cybersecurity and Infrastructure Security Agency, Australian Cyber Security Centre and the UK’s National Cyber Security Centre.
“These Iranian government-sponsored … actors can leverage this access for follow-on operations, such as data exfiltration or encryption, ransomware, and extortion,” the advisory states.
The Health Information Sharing and Analysis Center, a cyber threat sharing group for big US health care providers, said it would quickly share the US government advisory with its members.
“We’re taking it very seriously,” Errol Weiss, the group’s chief security officer, told CNN. “I would have loved a chance to work on this with the government before it came out.”
- Related Resources & News
- Health-ISAC Hacking Healthcare 10-15-2024
- Health-ISAC Welcomes Booz Allen Hamilton to the Ambassador Program
- Health-ISAC Hacking Healthcare 10-9-2024
- Monthly Newsletter – October 2024
- Health ISAC leads effort to transform SBOM information sharing under CISA-facilitated community work
- CyberEdBoard Insights: Phil Englert and Errol Weiss
- Health-ISAC Hacking Healthcare 9-10-2024
- Strengthening Healthcare Cybersecurity: Lessons from Recent Supplier Attacks
- Specialize in Securing Critical Infrastructure
- How AI is transforming cybersecurity, on defense and offense