CISA, FBI, DC3 Issue Iran-Based Ransomware Attack Alert

09.06.2024
Small Business

The following first appeared on Robinson+Cole’s Data Privacy + Cybersecurity Insider website. It is reposted here with permission.


The Cybersecurity and Infrastructure Security Agency, Federal Bureau of Investigation, and the Department of Defense Cyber Crime Center have issued an alert warning of Iran-based ransomware attacks.

The Aug. 28 alert warns that cyber actors, “known in the private sector as Pioneer Kitten, UNC757, Parisite, Rubidium, and Lemon Sandstorm,” are targeting and exploiting U.S. organizations “across multiple sectors.”

Those sectors include “education, finance, healthcare, and defense sectors as well as local government entities.”

The FBI has assessed that these cyber actors are “connected with the Government of Iran and linked to an Iranian information technology company.”

“Their malicious cyber operations are aimed at deploying ransomware attacks to obtain and develop network access. These operations aid malicious cyber actors in further collaborating with affiliate actors to continue deploying ransomware.”

The alert outlines the tactics, techniques, and procedures used by the threat actors and the indicators of compromise.

The alert recommends that organizations follow the mitigations provided in the alert to defend against the activity.


About the author: Linn Foster Freedman is a partner with Robinson+Cole and chair the firm’s Data Privacy + Cybersecurity practice and the AI Team.

Tags:

Leave a Reply

Your email address will not be published. Required fields are marked *

Stay Connected with CBIA News Digests

The latest news and information delivered directly to your inbox.

CBIA IS FIGHTING TO MAKE CONNECTICUT A TOP STATE FOR BUSINESS, JOBS, AND ECONOMIC GROWTH. A BETTER BUSINESS CLIMATE MEANS A BRIGHTER FUTURE FOR EVERYONE.