Iran Targets VPN Vulnerabilities for Cyberattacks on Businesses Across All Industries
FOR Immediate Release
Contact: Sitima Fowler, VP of Marketing
Phone: (585) 546-4120
Recent CISA Alert Warns of VPN Exploits During a Time When Many Businesses are Relying on a Remote Workforce
September 16, 2020: Iconic IT, a leading provider in the MSP industry, is warning that Iran is launching a new cyberattack targeting VPNs during a time when many businesses are relying on them to ensure network security for remote workers.
Per a September 15, 2020 CISA alert, Iran has been targeting the healthcare, IT, insurance, government, media and financial industries with a new VPN focused cyberattack. In these attacks, bad actors are seeking open ports to infiltrate the targeted organization’s VPN and gain access to their network. Once the bad actor has infiltrated the network, administrator-level credentials are obtained and exploited, and the organization is further compromised in a long-term attack (otherwise known as an Advanced Persistent Threat).
The intent behind these attacks is to establish a foothold in the affected network, mining data for cyberwarfare as well as for personal financial gain. The bad actors have been known to sell access to the uncovered network vulnerabilities to other threat actors in an online hacker forum. The alert warns that ransomware, a common Iranian cyberattack platform, has not been used to date in these attacks to date but remains a serious threat in future attacks.
Iconic IT’s Director of Technology and Security, Matt Lee, urges businesses to protect themselves with security layers such as multi-factor authentication:
“There have always been potential vulnerabilities with VPNs, but the stakes have never been higher. Any business not protecting its VPNs with common sense layers, including multi-factor authentication, is placing their network in jeopardy.”
Iconic IT recommends the following best practices for using a VPN with a remote workforce:
- Multifactor authentication
- Rigorous password policies and requirements
- Strong encryption methods
- Limiting VPN use to business related purposes only
- Robust antivirus, firewall, and antispam protections
- Secured wireless networks
With so many businesses providing VPNs to enable remote workers, Iconic IT considers this CISA alert to be a reminder that hackers are always seeking vulnerabilities, and that businesses need to remain vigilant.
About Iconic IT
Iconic IT is an award-winning Managed IT Service Provider (MSP), providing small and medium organizations with local and responsive IT support services. Iconic IT specializes in fully managed or co-managed IT support, cybersecurity and cloud solutions, strategic guidance, and excellent customer service using an exclusive PROS service model (Proactive, Reactive, Ownership, and Strategic). Iconic IT serves the following local communities: Dallas Fort Worth and East Texas, Wichita Kansas, Buffalo and Rochester New York, Bonita Springs Florida, and Denver Colorado. Visit www.iconicit.com to learn more.