NewsBite

Russian ally Iran launches global cyber espionage campaign

Russia’s invasion of Ukraine has turned to a bombardment of cyber attacks – and one of its allies has now launched its own cyber espionage campaign.

Iran leader Ayatollah Ali Khamenei. Picture: Ho/Khamenei.IR/AFP

As the Russian attacks on Ukraine spill over into the cyber realm, state-sponsored Iranian hackers have launched a global cyber espionage campaign targeting Europe, North America and Australia.



In a rare joint release, US and UK security agencies put out the warning that a group known as MuddyWater is targeting a range of industries including government organisations and small private businesses. Some of the sectors targeted include transportation, health care and critical infrastructure.

Russia has unleashed a rain of cyber-attacks on Ukraine, targeting internet systems, military communication, financial networks and energy providers. Photo: Genya Savilov / AFP

The US Cybersecurity and Infrastructure Security Agency (CISA) said MuddyWater is under the control of the Iranian Ministry of Intelligence and Security. The group’s remit is to steal data including passwords and online accesses from other countries. The stolen data is then given to the Iranian government and its allies.

Iran has traditionally been a staunch Russian ally. With increasing hostilities between Iran and the West over its nuclear program, it is relying on Russia more than ever for support in the international arena.

And while Iran has said it opposes the war in Ukraine, it has refused to denounce the military operation. It joined China in abstaining in a United Nations vote to reprimand Russia for the invasion.

Instead, Iran’s supreme leader Ayatollah Ali Khamenei suggested the root cause of the war was the “mafia regime” of the US and the policies of Western powers.

Iran leader Ayatollah Ali Khamenei said the root cause of the war was the ‘mafia regime’ of the US, during a live TV speech in Tehran. Picture: Ho/Khamenel.Ir/AFP

Despite being on the other side of the world, Australia is a target. Last year, the Australian Cyber Security Centre (ACSC) warned that Iranian government-sponsored hackers were attempting to gain access to systems using vulnerabilities in Microsoft Exchange.

A spokesperson for the ACSC said the Iranian government-sponsored group had also been exploiting Fortinet vulnerabilities. Fortinet is a cybersecurity company that protects big business and government organisations.

The spokesperson said ACSC is “encouraging Australian organisations to urgently adopt an enhanced cyber security posture in light of the heightened threat environment”.

MuddyWater steals information using data exfiltration, spear phishing, ransomware and extortion. Picture: iStock

MuddyWater uses a variety of tactics to steal information. According to the joint report, it uses a combination of data exfiltration, spear phishing, ransomware and extortion.

Data exfiltration is the unauthorised transfer of data from a computer, often using malware. Spear phishing, meanwhile, often takes the form of scam emails or messages intended to install malware and steal data.

Australia has previously extended an offer to help Ukraine by expanding technical assistance in repelling Russian cyber attacks. That, as well as being an ally of NATO members, makes Australia a cyber terrorism target.

Russia has unleashed a deluge of cyber attacks on Ukraine, targeting internet systems, military communication, financial networks and energy providers.

Experts warn the Kremlin may be preparing for a cyber onslaught in retaliation to the tough sanctions imposed as a result of the invasion.

Australia recently committed $70 million to funding the defence of Ukraine while the US has approved $350 million worth of US weaponry to assist Ukrainian fighters.

“There has been a historical pattern of cyber attacks against Ukraine that have had international consequences,” the ACSC spokesperson said.

“Australian organisations should review their networks for vulnerabilities and update their Microsoft Exchange systems.”

More information on ways to protect your data from cyber threats can be found on the ACSC website.

Original URL: https://www.news.com.au/technology/online/hacking/russian-ally-iran-launches-global-cyber-espionage-campaign/news-story/aa42b69aab2ebfee2ca07bab4e7f307a