Iran coordinates ransomware attacks against the US and the Middle East

According to a notice from U.S. federal agencies, Iran is orchestrating ransomware attacks targeting organizations in the U.S., Israel, Azerbaijan, and the United Arab Emirates. Since 2017, groups linked to the Iranian government, known as Pioneer Kitten and others, have been targeting sectors such as education, finance, health, and defense. These actors collaborate with ransomware gangs to gain access to networks and then sell that access or block systems to extort money. Iran also uses an IT company to cover its activities. Agencies advise organizations to update the vulnerabilities these hackers exploit and report any incidents. According to the agencies, ransomware attacks and cyber incidents ought to be reported to the FBI and CISA, as they are keen to collect more details on tactics, IP addresses, ransom notes, bitcoin wallets, decryptor files, and other relevant information.