Iranian hackers are increasingly targeting healthcare organizations, using "brute force" and password spraying attacks to compromise user accounts and gain unauthorized access to sensitive systems.
Since October 2023, Iranian hackers have intensified their attacks on sectors including healthcare, public health, government, IT, engineering and energy, according to an Oct. 16 press release from the Cybersecurity and Infrastructure Security Agency
The hackers frequently alter multi-factor authentication settings to maintain prolonged access to compromised systems. They also probe the networks to gather more credentials and valuable information that could help them expand their access.
CISA warns that these attackers likely sell the stolen data on cybercriminal forums, where it can be used for further malicious activities.