Iran Ports Organization is the victim of ransomware attacks on Iran’s infrastructure.
Last night, the Iranian Ports Organization suffered heavy attacks by new ransomware, causing significant disruption.
This organization allegedly had the Zerologon vulnerability (https://www.secura.com/blog/zero-logon) and had not yet addressed it. Hackers exploited this vulnerability to gain access to vital parts of the organization and, in addition to the ransomware attack, have spread sensitive data on the net.
Relatively severe DDoS attacks after ransomware on Iran’s infrastructure!
Last week, in addition to ransomware attacks, there were numerous reports of DDoS attacks (50 million sessions per second).
By studying and understanding the attack technique, we were fortunately able to prevent the attacks.
According to studies, the attacker connects from many sources to ports above 1024 across your range of Internet addresses.
It is recommended to open only the required ports on the edge firewalls of your network, keeping your policies as limited as possible, and to close unknown high ports (1024 to 65535) for the ICMP, PIM, GRE, TCP and UDP protocols, except for the ports that are in use. Also be sure to block Russian and Chinese IPs.
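
One way to check an edge policy against the pattern described above (many sources connecting to ports above 1024 across your address range), as an added example that is not part of the original post. The flow records, the protected range and the list of required services are constructed assumptions.

```python
import ipaddress
from collections import defaultdict

# Constructed sample flows: (source IP, destination IP, protocol, destination port).
# Public addresses come from the RFC 5737 documentation ranges.
FLOWS = [
    ("198.51.100.7", "192.0.2.10", "tcp", 443),
    ("198.51.100.8", "192.0.2.10", "tcp", 50123),
    ("203.0.113.5", "192.0.2.10", "tcp", 50123),
    ("203.0.113.9", "192.0.2.10", "tcp", 50123),
    ("203.0.113.77", "192.0.2.11", "udp", 33445),
    ("198.51.100.20", "192.0.2.11", "udp", 33445),
    ("198.51.100.21", "192.0.2.12", "tcp", 8443),
    ("198.51.100.22", "10.0.0.5", "tcp", 40000),  # not in the protected range
]

PROTECTED = ipaddress.ip_network("192.0.2.0/24")  # assumed Internet-facing range
REQUIRED = {("tcp", 443), ("tcp", 8443)}          # assumed services that must stay open
HIGH_PORTS = range(1024, 65536)


def decide(flow):
    """Return 'allow', 'drop' or 'ignore' under a default-deny edge policy."""
    _src, dst, proto, dport = flow
    if ipaddress.ip_address(dst) not in PROTECTED:
        return "ignore"
    return "allow" if (proto, dport) in REQUIRED else "drop"


def high_port_fanin(flows, min_sources=2):
    """Count distinct sources per (dst, proto, port) for dropped high-port flows."""
    sources = defaultdict(set)
    for flow in flows:
        src, dst, proto, dport = flow
        if decide(flow) == "drop" and dport in HIGH_PORTS:
            sources[(dst, proto, dport)].add(src)
    return {k: len(v) for k, v in sources.items() if len(v) >= min_sources}


if __name__ == "__main__":
    for key, count in sorted(high_port_fanin(FLOWS).items()):
        print(key, "distinct sources:", count)
```

Entries returned by `high_port_fanin` are high ports that a limited policy would close yet that receive traffic from several sources, which is the traffic shape the post describes.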