FORT MEADE, Md. – The National Security Agency (NSA) is joining the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and others in releasing a Cybersecurity Advisory (CSA), “Iranian Cyber Actors’ Brute Force and Credential Access Activity Compromises Critical Infrastructure Organizations,” to warn network defenders of malicious activity that can enable persistent access in sensitive systems.
Since October 2023, Iranian cyber actors have used a technique known as brute force to compromise user accounts and obtain access to organizations to modify MFA registrations, enabling persistent access.