Iranian government-sponsored hackers are actively targeting a “broad range of victims” across the US transportation and health care sectors, and in some cases are deploying ransomware against those victims, US federal agencies and their counterparts from the United Kingdom and Australia warned on Wednesday.
It’s a rare case of the US government publicly linking Iran with ransomware, which is typically used by cybercriminals rather than governments. And it’s a reminder that America’s ransomware problem is not limited to Russia.
The Iranian hackers are exploiting known flaws in software made by Microsoft and California-based vendor Fortinet to access systems and at times lock them up with ransomware, according to the advisory from the FBI, US Cybersecurity and Infrastructure Security Agency, Australian Cyber Security Centre and the UK’s National Cyber Security Centre.
Private-sector researchers have been detailing Iran’s alleged connection to ransomware for months, warning that hacks on companies in Israel and elsewhere are meant to disrupt business operations and intimidate victim organizations rather than recover actual ransom payments.
This story is breaking and will be updated.
™ & © 2021 Cable News Network, Inc., a WarnerMedia Company. All rights reserved.