A Wake-Up Call for Cybersecurity Vigilance: Iranian National Charged in Massive Cyber Attack on U.S. Defense Contractors, $10 million reward offered

In a plot that reads more like a suspense novel than reality, Alireza Shafie Nasab, an Iranian national has been indicted for orchestrating relentless cyber-attacks against U.S. defense contractors. This revelation isn’t just a news flash; it’s a call to arms for everyone to fortify their cybersecurity defenses, particularly those in the defense contractor realm, against the mounting global cyber threats.

Cracking the Defense

Linked to an Iran-based cybersecurity service provider, Nasab led a sophisticated campaign, leaving chaos in his wake. Picture this: first, spearphishing attacks targeting a defense contractor to gain access to the network, then access to systems to create fake accounts and gain access to data but also to use to spearphish other defense contractors and companies, eventually leading to controlling over 200,000 employee accounts at various defense contractors and other companies.


According to Assistant Attorney General for National Security Matthew G. Olsen, Nasab is just a pawn in a broader Iranian game impacting  U.S. national security. The U.S. is offering up to $10 million for information leading to Nasab’s capture as FBI’s hunts for the cyber attacker.

Call to Arms and FBI on the Hunt

As Nasab plays hide-and-seek, the FBI is digging deeper, emphasizing how vital cybersecurity at defense contractors is to national security. Nasab’s moves reveal the ever-changing landscape of global cyber warfare, and should make us all pause.

In particular, for defense contractors, it’s time to test the defense and eliminate security holes, before it is too late.

Here’s a stark reality check: Have you tested your incident response plan? Have you done a Pen-Test? If not, you are not in compliance and your defenses are down.

The Necessity of Incident Response and Pen-Testing

NIST 800-171 today and CMMC in the near future, mandates thorough incident response plans and penetration testing for defense contractors. It’s not just a checkbox; it’s a crucial step in staying ahead of the cyber threats. CyberCatch recognizes this critical need and offers specialized incident response and pen-testing services tailored to fortify your defense against potential breaches.

Testing Your Incident Response Plan: A Compliance Mandate

NIST 800-171 requires not only an incident response plan, but testing. CyberCatch ensures that your organization not only has a plan in place but that it’s battle-tested, ready to respond effectively to any cyber incident via table-top exercise simulating a cyber attack. Compliance isn’t just about paperwork; it’s about having a proactive and resilient cybersecurity.

Penetration Testing: Your Shield Against the Cyber Attack

CyberCatch goes beyond compliance checkboxes by offering comprehensive penetration testing services. If your organization hasn’t undergone a Pen Test, you’re not just at risk; you’re out of compliance. NIST 800-171 and CMMC also requires you test your cybersecurity regularly. CyberCatch’s experts simulate real-world cyber-attacks, involving reconnaissance, external and internal penetration testing to identify vulnerabilities and weaknesses in your system, and guiding on immediate remediation to eliminate security holes and blind spots, ensuring you stay one step ahead of cyber attackers.

The CyberCatch Advantage

In a landscape where compliance is non-negotiable, CyberCatch stands out. Our services not only meet NIST 800-171 and CMMC requirements but go above and beyond to fortify your organization’s cyber defenses. Don’t wait for a cyber siege to expose vulnerabilities – let CyberCatch be your proactive shield.

CyberCatch invites you to not just meet compliance standards but to surpass them. Test your incident response plan, fortify your defenses with a Pen Test, and stay ahead of the game. Cybersecurity isn’t just about compliance; it’s about resilience, and CyberCatch is your partner in building a fortified cyber defense.

Contact our team today to attain compliance with NIST 800-171 and CMMC quickly, avoid penalties and keep your business safe.

Learn more about Incident Response Testing.

Learn more about our Penetration Testing.

Check out a quick DEMO.

Learn More > https://cybercatch.com/defense/

Share This Article

More Articles

Cybersecurity Crisis at K-12: The Continuous Ransomware Attacks and How to Avoid Becoming the Next Victim

With every click of a mouse, K-12 schools face the looming threat of a ransomware disrupting...

Healthcare under siege from cyberattacks: What You Must Do Now

In recent months, the threat of cyberattacks has loomed ominously over the healthcare industry...

Recent AI Case and New Cybersecurity Controls Prescription are a Wakeup Call for Secure AI

From revolutionizing industries to enhancing everyday experiences, Artificial Intelligence (AI) has...

The Growing Threat: Cybersecurity Risks & Legal Penalties for Mortgage Companies

The mortgage industry has become a prime target for cybercriminals seeking to exploit...

The Urgency of FTC Compliance for Auto Dealerships in the Face of Cyber Threats

The automotive industry is a rapidly evolving landscape. While digitization of operations has...

The “Ripple Effect” Cyber Threats Pose to Medium and Large Healthcare Organizations

The healthcare industry has embraced innovative, digital solutions to enhance patient care...

Small Healthcare Organizations Can Shut Down From Cyber Attack Permanently: Why Compliance with HICP Is Key To Survival

There over 6,000 hospitals and over 20,000 other healthcare organizations in the United States, and...

NIST 800-171 & CMMC: Two Key Questions To Assess Your Risk

You may have heard about the Boeing attack recently – but large, prime contractors to the DoD are...