Our friends and partners at Dark Web intelligence firm IntSights have an excellent (and relatively short) threat briefing about Iranian cyber threat actors and the tactics they use for cyber espionage and warfare. The briefing includes recommendations for mitigation of these threats.
The briefing can be downloaded at https://wow.intsights.com/rs/071-ZWD-900/images/Threat%20Brief_Iran.pdf
A list of Indicators of Compromise (IOCs) associated with Iranian operations can be downloaded at: https://wow.intsights.com/rs/071-ZWD-900/images/Iranian%20IOCs%20Appendix.pdf
Iranian cyber operations continue to pose a threat to the interests of countries worldwide. If you think you’re “too small” or “don’t hold any data they would care about”, don’t kid yourself. Advanced Persistent Threat (APT) actors target organizations of all sizes and across industries. We recommend educating yourself by reading this threat briefing and taking action on the recommendations made therein.
If you’re an Assura Managed SIEM client, our SOC is on heightened alert monitoring for Iranian APT and hacktivist activity. As new IOCs are discovered, they are being pushed into our platform through our live threat intelligence feeds. If you’re an Assura Virtual ISO™ client, feel free to discuss concerns with your Virtual ISO™. As always, if you have any questions, please feel free to contact Cyber Heads-up via the contact form on our web site.