The severity is CRITICAL because of the extensive hacking activity, which targets critical infrastructure, including IoT devices. The involvement of state-sponsored entities and their impact on government operations make this a significant threat.
The EU has sanctioned three companies and two individuals for their roles in hacking activities targeting EU member states. The sanctioned entities include Chinese firms Integrity Technology Group and Anxun Information Technology, as well as an Iranian group named Emennet Pasargad. These groups have been involved in providing infrastructure and services used in cyberattacks against critical infrastructure.
Affected Systems
- Integrity Technology Group's products
- Anxun Information Technology (I-Soon)'s services
- Emennet Pasargad's hacking activities
Affected Versions: All versions and instances of the sanctioned entities' products and services
Remediation
- Block all network traffic from and to the IP addresses associated with Integrity Technology Group, Anxun Information Technology, and Emennet Pasargad.
- Review firewall rules to ensure no unauthorized access points are open for these entities.
- Update intrusion detection systems (IDS) with the latest signatures related to activities of these sanctioned groups.
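One way to check the first two remediation steps, as an added example that is not part of the original advisory. The page lists no IP addresses, so the blocklist below uses RFC 5737 documentation ranges as placeholders; the rule table and flow-log format are constructed for illustration.

```python
import ipaddress

# Placeholder blocklist (assumption): RFC 5737 documentation ranges, not real indicators.
BLOCKLIST = [ipaddress.ip_network(n) for n in ("192.0.2.0/24", "198.51.100.16/28")]
# Constructed firewall rules: (name, action, direction, remote CIDR).
RULES = [
    ("allow-vendor-api", "allow", "out", "192.0.2.128/25"),
    ("allow-any-https", "allow", "out", "0.0.0.0/0"),
    ("deny-old-range", "deny", "in", "198.51.100.16/28"),
    ("allow-partner", "allow", "in", "203.0.113.0/24"),
]
# Constructed flow log, one flow per line: "src dst dport action".
FLOWS = """\
10.0.0.5 192.0.2.200 443 ACCEPT
198.51.100.20 10.0.0.9 22 REJECT
10.0.0.7 203.0.113.10 443 ACCEPT
198.51.100.17 10.0.0.9 8080 ACCEPT
"""

def blocked(addr):
    """True if the address falls inside any blocklisted range."""
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in BLOCKLIST)

def risky_rules(rules):
    """Allow rules whose remote range overlaps a blocked range.
    Rule ordering is not modelled, so treat each hit as a rule to review."""
    return [name for name, action, _, cidr in rules
            if action == "allow"
            and any(ipaddress.ip_network(cidr).overlaps(b) for b in BLOCKLIST)]

def uncovered_directions(rules):
    """Blocked ranges with no deny rule covering them, checked for both
    inbound and outbound traffic ("from and to")."""
    gaps = []
    for b in BLOCKLIST:
        for direction in ("in", "out"):
            if not any(a == "deny" and d == direction
                       and b.subnet_of(ipaddress.ip_network(c))
                       for _, a, d, c in rules):
                gaps.append((str(b), direction))
    return gaps

def accepted_flows(log):
    """Accepted flows with a blocklisted address on either side."""
    flows = (line.split() for line in log.splitlines())
    return [(s, d, int(p)) for s, d, p, act in flows
            if act == "ACCEPT" and (blocked(s) or blocked(d))]
```

Accepted flows to or from a blocked range show where a block is not yet effective, and are also the starting point for reviewing what was exchanged before the rule was added.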
Stack Impact
Impacts include potential vulnerabilities in IoT devices, critical infrastructure, and government digital services. No specific software or service versions are mentioned directly, but they could be used by compromised services.