CISA, along with the FBI, NSA, and global partners, issued a joint advisory revealing Iranian cyber actors' tactics of brute force and credential access to compromise critical infrastructure organizations. These actors targeted sectors like healthcare, government, IT, engineering, and energy by using techniques like brute force and password spraying to infiltrate user accounts. The advisory includes indicators of compromise (IOCs) and recommended security measures, emphasizing the importance of strong passwords and two-factor authentication
Critical infrastructure entities are urged to implement the provided guidance and enhance their cybersecurity defenses. For further insights into Iranian state-sponsored cyber threats, CISA's Iran Cyber Threat Overview and Advisories page offers additional resources. The advisory aligns with CISA's Cross-Sector Cybersecurity Performance Goals, advocating for enhanced baseline protections across sectors to mitigate cyber risks. https://www.cisa.gov/news-events/alerts/2024/10/16/cisa-fbi-nsa-and-international-partners-release-advisory-iranian-cyber-actors-targeting-critical