
Rewterz Threat Update – Iranian State-Owned Company Halts Production After Cyberattack

June 29, 2022

Severity

High

Analysis Summary

A cyberattack led the Iranian state-owned Khuzestan Steel Company, one of the major steel companies owned by the Iranian government, to halt production. This appears to be one of the biggest attacks on the country’s strategic industrial sector in recent memory.

Together with two other major state-owned firms, Khuzestan Steel Company holds a monopoly on steel production in Iran. The company was compelled to suspend operations in order to prevent damage to the production lines and disruption to the supply chains to which it belongs.

According to the Iranian news channels, the attempt was unsuccessful since the plant’s activities were halted at the time due to an energy outage.

The CEO of the company said:

“Fortunately with time and awareness, the attack was unsuccessful,”

An anonymous hacking group named Gonjeshke Darande claimed responsibility for the attack on social media, saying it targeted Iran’s three largest steel companies in response to the Islamic Republic’s aggression.

Several cyberattacks have targeted Iranian infrastructure in recent years. One attack disrupted gas stations operated by the state-owned National Iranian Oil Products Distribution Company (NIOPDC) throughout Iran. The Iranian railroad system was also targeted by a cyberattack, with threat actors spreading false information about delays or cancellations of the trains.

Impact

  • Halt in Production
  • Cyber Espionage

Remediation

  • Passwords – Ensure that general security policies are employed, including strong passwords, correct configurations, and proper administration security policies.
  • Admin Access – Limit access to administrative accounts and portals to only relevant personnel and make sure they are not publicly accessible.
  • WAF – Web defacement must be stopped at the web application level. Therefore, set up a Web Application Firewall with rules to block suspicious and malicious requests.
  • Patch – Patch and upgrade platforms and software promptly, and make this a standard security policy. Prioritize patching known exploited vulnerabilities and zero-days.
  • Secure Coding – Along with network and system hardening, code hardening should be implemented within the organization so that its websites and software are secure. Use testing tools to detect any vulnerabilities in the deployed code.
  • 2FA – Enable two-factor authentication.
  • Antivirus – Enable antivirus and anti-malware software and update signature definitions in a timely manner. Multi-layered protection is necessary to secure vulnerable assets.