Targeting of U.S. and Australian critical infrastructure

Date of report

November 2021

Affiliations

Believed to be the work of the Islamic Republic of Iran's government

Iranian hackers have been penetrating networks in both the United States and Australia with ransomware, either to disrupt critical infrastructure or turn a profit.

Suspected victims

Critical infrastructure across the United States and Australia.

Suspected state sponsor

Iran (Islamic Republic of)

Type of incident

Financial Theft

Target category

Private sector
Civil society

Victim government reaction

Unknown

Iranian Government-Sponsored APT Cyber Actors Exploiting Microsoft Exchange and Fortinet Vulnerabilities in Furtherance of Malicious Activities
US and UK agencies say Iran is behind ‘ongoing’ ransomware campaign

Cyber Operations Tracker

CFR.org

Topics

Regions

Explainers

Research & Analysis

Communities

Events