According to a report released by the FBI and the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA), although the hack likely began in February, DHS officials responded to it in June.
The hackers exploited a widely known vulnerability that the Cybersecurity Agency warned of in December 2021 and directed security agencies to address it.
This hack is an example of how it can take months from the time it occurs to the time it is detected and addressed, and this may also be the latest evidence that hacking teams in Tehran, which are often contracted to the government, are involved in schemes to produce (mining) cryptocurrencies , which generate profits that are likely to be beneficial to those affected by the sanctions on Iran.
The ultimate motive for the Iranian hackers was not clear, and the cybersecurity agency and the FBI did not immediately respond to CNN’s request for comment.
The Iranian government regularly denies being accused of hacking. Iran’s permanent mission to the United Nations did not respond to CNN’s request for comment.
The hacking squad of major countries, including China and Iran, often relies on contractors who give those governments reasonable deniability, and the United States has also used contractors to build its offensive cyber capabilities.
In the case of Iran, the US authorities have in recent months accused contractors affiliated with the Iranian regime of infiltrating American companies and organizations while working in technology companies affiliated with the Iranian Revolutionary Guard.