The threat group Black Reward has taken credit for the breach of the Islamic Revolutionary Guard Corps (IRGC) managed Fars News Agency out of Iran. The group stated that they deleted nearly 250 terabytes of data and accessed confidential bulletins and directives sent by the news agency to the office of Supreme Leader Ali Khamenei. Additional compromised data includes recorded calls, information on internal portals related to administrative conversations and news folders, image archives, and financial documents of the news agency. Fars News is denying that Black Reward accessed any information and stated that the threat group only deleted news from one day. Black Reward has been connected to multiple situations over the course of the past year, and they will likely continue their efforts as Iran’s political situation remains uneasy.
Hacktivists can be unpredictable and can strike at any time. To defend against their efforts, organizations should enforce password resets and implement multifactor authentication, regularly apply patches to external facing resources, and have a DDoS mitigation plan in place.