DHS CISA Warns That Iranian Hackers Increasingly Using Destructive ‘Wiper’ Attacks

The Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) Director Christopher C. Krebs on Saturday released a statement in response to the recent rise in malicious cyber activity, including spear phishing and brute force attacks, by Iranian regime actors and proxies.

“Iranian regime actors and proxies are increasingly using destructive ‘wiper’ attacks, looking to do much more than just steal data and money,” said Krebs.

“CISA is aware of a recent rise in malicious cyber activity directed at United States industries and government agencies by Iranian regime actors and proxies. We will continue to work with our intelligence community and cybersecurity partners to monitor Iranian cyber activity, share information, and take steps to keep America and our allies safe,” he said.

READ:  Nation-State Actors are Becoming More Aggressive in Attacking Our Supply Chain - NCSC Director

According to Krebs, these efforts are often enabled through common tactics like spear phishing, password spraying, and credential stuffing. What might start as an account compromise, where you think you might just lose data, can quickly become a situation where you’ve lost your whole network.

President Donald Trump abruptly called off a plan for airstrikes against the Islamic Republic after Iran shot down a U.S. Navy drone a few days earlier.

Krebs urged businesses and agencies to make sure they have shored up their basic defenses, such as using multi-factor authentication, and to act quickly if they suspect an incident.