Government agencies in the US and the UK have warned of the growing risk of cyberattacks by an Iranian threat actor against public and private organisations.
According to Security Week, Iranian state-sponsored threat actor MuddyWater has been running cyberespionage operations against both public and private sector organisations worldwide.
The publication noted that threat actor is an advanced persistent threat actor that is believed to be a subordinate element within the Iranian Ministry of Intelligence and Security.
MuddyWater is believed to be supplying the Iranian government with both stolen data and access to compromised networks, according to a joint advisory issued by the US Cybersecurity and Infrastructure Security Agency, the FBI, the US Cyber Command Cyber National Mission Force, the NSA and the UK’s National Cyber Security Centre.
The threat actor has been observed conducting cyberespionage operations against organisations in sectors ranging from government, telecoms, oil and defence in Asia, Europe, Africa and North America.
The joint advisory stated for initial access to victim environments, the APT employs spear-phishing and exploits known vulnerabilities and employs open-source tools.
Organisations of all types and sizes have been advised to review the information associated with MuddyWater and ensure they deploy the necessary mitigations to keep their networks secure from this and similar threats.
Copyright © 2022 RegTech Analyst
Copyright © 2018 RegTech Analyst