CISA urges multi-factor authentication and rapid incident response for Iranian cyber activity
Defensive Guidance
Summary
Hide ▲
Show ▼
CISA urged multi-factor authentication and rapid incident response as Iranian regime actors and proxies stepped up malicious cyber activity against U.S. industries and government agencies. The guidance matters because the attackers were described as using spear phishing, password spraying, and credential stuffing to gain access. CISA warned that an initial account compromise can quickly expand into broader network loss. Organizations were told to treat suspected incidents seriously and respond immediately.
Timeline
-
22.06.2019 15:00 1 articles · 84mo ago
CISA warns of Iranian cyber activity targeting U.S. organizations
Initial DisclosureCISA Director Christopher C. Krebs warned that Iranian regime actors and proxies were behind a recent rise in malicious cyber activity targeting United States industries and government agencies. The advisory said the actors were increasingly using destructive wiper attacks enabled by spear phishing, password spraying, and credential stuffing, and urged organizations to use multi-factor authentication and respond immediately to suspected compromise to reduce the risk of account compromise escalating into broader network loss.
Show sources
- CISA Statement on Iranian Cybersecurity Threats — www.cisa.gov — 22.06.2019 15:00