The notice corresponded to new warnings from private security research firms, including Recorded Future, of a surge in preparatory activity over the past three months by APT33, a threat group connected to the Iranian government and Iranian Revolutionary Guard Corps (IRGC, Iran’s military).
In an interview with Ars, Krebs explained that the reason for the warning went beyond that “regional activity”—attacks on Saudi Arabian companies and other organizations in the Persian Gulf and South Asia.
“Over the course of the last couple of weeks, and in particular last week I’d say, [the activity] became specifically directed,” he said. A “sense of the community”—reports from US intelligence and other agencies, as well as private sector cybersecurity vendors—showed a significant leap in spear-phishing attacks connected to infrastructure associated with APT33 against targets in the US over the past week, Krebs said. “So you combine that increase in activity with a historic intentionality and demonstrated ability, after previous destructive campaigns, and it was time to make a statement and say, ‘Hey look, everybody, this is heating up. And politically it is also heating up… We need to step up our game.'”
Watching out for phishes
CISA is a very new agency within DHS created last year by Congress and charged with taking on domestic cybersecurity and critical infrastructure security activities. Formed out of the Department of Homeland Security’s National Protection and Programs Directorate and the US Computer Emergency Readiness Team, CISA has a wide mandate that includes efforts to coordinate protection of the security of US election systems and to help federal, state, and local agencies better secure themselves against other information security and infrastructure risks.
But CISA’s role is, outside of the federal government, largely advisory. The agency has cybersecurity advisors who work with major industry groups associated with critical infrastructure, of which election infrastructure is just a small part. As Krebs put it, the agency (including its US CERT component) is an “integrator” of information from multiple sources, including the Office of the Director of National Intelligence and the components of the intelligence community and private information security partners.
Iran Briefing | News Press Focus on Human Rights Violation by IRGC, Iran Human Rights
Nov 20, 2019 Comments Off on Israel strikes dozens of Iranian targets in Syria following rocket attack
Nov 20, 2019 Comments Off on Iran: More than 100 protesters believed to be killed as top officials give green light to crush protests
Nov 19, 2019 Comments Off on Trump has said freeing American prisoners abroad is a top priority. What about U.S. prisoners in Iran?
Nov 19, 2019 Comments Off on Protests In Iran Continue Despite Use Of Lethal Force – Dozens Reported Killed
Nov 16, 2019 Comments Off on Why aren’t Israel and the US responding to Iran’s Nuclear and Missile Threats?
Nov 15, 2019 Comments Off on Iran war alert as Tehran taunts Trump – ‘Don’t dare attack us, we’re ready if you do!’
Nov 14, 2019 Comments Off on Electors of Iran’s next leader cannot even protect themselves against IRGC
Nov 14, 2019 Comments Off on The Iraqi people are rising up against Iran
Nov 20, 2019 Comments Off on Israel strikes dozens of Iranian targets in Syria following rocket attackIsrael strikes dozens of Iranian targets in Syria following rocket attack Israel strikes dozens of Iranian targets in Syria following rocket attack The Israeli military on Wednesday said it struck dozens of Iranian...
Nov 20, 2019 Comments Off on Iran: More than 100 protesters believed to be killed as top officials give green light to crush protestsVerified video footage, eyewitness testimony from people on the ground and information gathered from human rights activists outside Iran reveal a harrowing pattern of unlawful killings by Iranian security forces, which...
Mar 27, 2019 Comments Off on U.S. sanctions firms accused of helping fund Iran’s Revolutionary GuardsU.S. sanctions firms accused of helping fund Iran’s Revolutionary Guards U.S. sanctions firms accused of helping fund Iran’s Revolutionary Guards The United States on Tuesday imposed fresh sanctions on a network of companies and people in Iran, Turkey and the United Arab Emirates it...