US Accuses Iran-sponsored Hackers Of Being Behind Ransomware Attacks On Companies

The US accuses Iranian sponsored hackers of attacking American companies. (photo; doc. pixabay)

JAKARTA - A hacker group "sponsored" by the Iranian government launched a disruptive cyberattack against various US companies. This disruption extends to healthcare providers and transportation companies.

The warning was raised by the cybersecurity agency of the US Department of Homeland Security (DHS) on Wednesday, November 17.

The warning, co-authored by the FBI and the DHS Cybersecurity and Infrastructure Security Agency, said hackers exploited vulnerabilities in legacy software in products made by Microsoft and Fortinet to break into victims' computer networks. While the vulnerability was patched, some customers had not yet updated their network.

On Tuesday, Microsoft said in a blog post that it had observed six different Iranian hacker groups that had been spreading ransomware since September 2020.

The ransomware usually works by encrypting computer data, making it inaccessible until payment for the extortion money is sent to the hacker.

"As Iranian operators have adapted their strategic goals and expertise, over time they have evolved into more competent threat actors capable of performing the full spectrum of operations," the Microsoft analysis said.

A spokesman for Iran's mission to the United Nations did not immediately respond to a request for comment.