The notice corresponded to new warnings from private security research firms, including Recorded Future, of a surge in preparatory activity over the past three months by APT33, a threat group connected to the Iranian government and Iranian Revolutionary Guard Corps (IRGC, Iran’s military).
In an interview with Ars, Krebs explained that the reason for the warning went beyond that “regional activity”—attacks on Saudi Arabian companies and other organizations in the Persian Gulf and South Asia.
“Over the course of the last couple of weeks, and in particular last week I’d say, [the activity] became specifically directed,” he said. A “sense of the community”—reports from US intelligence and other agencies, as well as private sector cybersecurity vendors—showed a significant leap in spear-phishing attacks connected to infrastructure associated with APT33 against targets in the US over the past week, Krebs said. “So you combine that increase in activity with a historic intentionality and demonstrated ability, after previous destructive campaigns, and it was time to make a statement and say, ‘Hey look, everybody, this is heating up. And politically it is also heating up… We need to step up our game.'”
Watching out for phishes
CISA is a very new agency within DHS created last year by Congress and charged with taking on domestic cybersecurity and critical infrastructure security activities. Formed out of the Department of Homeland Security’s National Protection and Programs Directorate and the US Computer Emergency Readiness Team, CISA has a wide mandate that includes efforts to coordinate protection of the security of US election systems and to help federal, state, and local agencies better secure themselves against other information security and infrastructure risks.
But CISA’s role is, outside of the federal government, largely advisory. The agency has cybersecurity advisors who work with major industry groups associated with critical infrastructure, of which election infrastructure is just a small part. As Krebs put it, the agency (including its US CERT component) is an “integrator” of information from multiple sources, including the Office of the Director of National Intelligence and the components of the intelligence community and private information security partners.
Iran Briefing | News Press Focus on Human Rights Violation by IRGC, Iran Human Rights
Feb 27, 2020 Comments Off on US claims Iran is stepping up support to Yemen’s Houthis
Feb 24, 2020 Comments Off on Iran threat to destroy tombs of Purim heroes Esther and Mordechai alarms US agency
Feb 18, 2020 Comments Off on Iran and Najaf struggle for control over Hashd al-Shaabi after Muhandis’s killing
Feb 14, 2020 Comments Off on Trump warns Senate not to approve war powers resolution on Iran
Feb 28, 2020 Comments Off on Stop Repressing Your Own, HRW Tell The Mullah’s of Iran
Feb 28, 2020 Comments Off on After Soleimani Killing, Iran and Its Proxies Recalibrate in Iraq
Feb 28, 2020 Comments Off on Iran: The Source of Houthi Power
Feb 28, 2020 Comments Off on Jailed Iranian Activist Tortured, Rape-Threatened for 1,200 Hours
Feb 28, 2020 Comments Off on Iran: The Source of Houthi PowerThe Iran-backed Houthi rebel group claimed on February 15 that it shot down a Tornado fighter jet belonging to Saudi Arabia. Houthi spokesman Yahya al-Saree said on Houthi-run Al-Masirah television that the jet was...
Feb 27, 2020 Comments Off on US claims Iran is stepping up support to Yemen’s HouthisUS claims Iran is stepping up support to Yemen’s Houthis US claims Iran is stepping up support to Yemen’s Houthis Iran might be advancing its support for the Houthi movement in Yemen, according to a senior US...
Feb 10, 2020 2,030On 3rd of January a news spread in social media regarding Qasem Soleimani and AbuMahdi Mohandes who has died by a US drone strike near Baghdad Airport and this was the end of their lives. In social media, especially Iranian users, there was a chaotic situation, some called of “the general of...