Australia: Adopted Joint advisory on Iranian-based cyber actors compromising critical infrastructure networks

On 17 October 2024, the Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Communications Security Establishment Canada (CSE), Australian Federal Police (AFP), and Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) issued a joint advisory on Iranian cyber actors' activities targeting critical infrastructure sectors. The advisory applies to critical sectors, including healthcare, government, information technology, engineering, and energy. The advisory outlines several tactics, techniques, and procedures used by these actors, including brute force attacks and multi-factor authentication (MFA) fatigue, aimed at obtaining credentials and sensitive network information. The advisory recommends that organizations implement strong password practices, enable phishing-resistant MFA, and regularly review MFA settings.