At least 10 U.S. critical infrastructure organizations, especially those in the manufacturing and transportation industries, have been targeted by Iranian threat operations amid escalating tensions between Iran and Israel, reports Cybersecurity Dive.
Most active of the groups is state-sponsored MuddyWater, which has compromised half of the firms, followed by APT33, according to an analysis from Nozomi Networks. Other groups looking to infiltrate U.S. critical infrastructure include CyberAv3ngers and Fox Kitten. Moreover, intrusions launched by Iran-linked hacking operations rose from 12 in March and April to 28 in May and June. Such findings follow a Cybersecurity and Infrastructure Security Agency alert regarding potential Iranian retaliatory cyberattacks against the U.S. "Iranian-affiliated cyber actors and aligned hacktivist groups often exploit targets of opportunity based on the use of unpatched or outdated software with known [vulnerabilities] or the use of default or common passwords on internet-connected accounts and devices," said the CISA advisory.
Most active of the groups is state-sponsored MuddyWater, which has compromised half of the firms, followed by APT33, according to an analysis from Nozomi Networks. Other groups looking to infiltrate U.S. critical infrastructure include CyberAv3ngers and Fox Kitten. Moreover, intrusions launched by Iran-linked hacking operations rose from 12 in March and April to 28 in May and June. Such findings follow a Cybersecurity and Infrastructure Security Agency alert regarding potential Iranian retaliatory cyberattacks against the U.S. "Iranian-affiliated cyber actors and aligned hacktivist groups often exploit targets of opportunity based on the use of unpatched or outdated software with known [vulnerabilities] or the use of default or common passwords on internet-connected accounts and devices," said the CISA advisory.




