It’s a rare case of the US government publicly linking Iran with ransomware, which is typically used by cybercriminals rather than governments. And it’s a reminder that America’s ransomware problem is not limited to Russia.
The Iranian hackers are exploiting known flaws in software made by Microsoft and California-based vendor Fortinet to access systems and at times lock them up with ransomware, according to the advisory from the FBI, US Cybersecurity and Infrastructure Security Agency, Australian Cyber Security Centre and the UK’s National Cyber Security Centre.
Private-sector researchers have been detailing Iran’s alleged connection to ransomware for months, warning that hacks on companies in Israel and elsewhere are meant to disrupt business operations and intimidate victim organizations rather than recover actual ransom payments.
This story is breaking and will be updated.