Threat Insight
No Further Increase in Iranian Cyber Operations
A top U.S. cybersecurity official said the government has not seen an increase in cyber threats from Iran since the U.S. and Israel started launching strikes across the country late last month. Iranian cyber operations continue on roughly the same level as before the war begun, according to the official. The US government contiue to monitor the situation, however. [1]
The only known targets of Iranian destructive cyber attacks are still the US medical company Stryker and the Albanian parliament.
Assessment
Truesec agrees with this overall assessment, despite earlier warning for potential increase in Iranian cyber activities. However, the situation may change in the future.
A possible explanation for the lack more Iranian cyber activities could be successful efforts by US and Israeli forces to degrade the Iranian regime’s capabilities. Iranian cyber units may have been targeted with kinetic attacks and disrupted or forced to disperse. Their ability to operate may also have been hampered by the internet blackout in Iran.
Known Iranian cyber activities appear to focus mainly on information operations. The US Justice Department has also announced the seizure of four domains as part of an ongoing effort to disrupt hacking and transnational repression schemes conducted by the Islamic Republic of Iran’s Ministry of Intelligence and Security (MOIS). [2]
References
[1] https://therecord.media/cisa-official-says-agency-has-not-seen-uptick-cyber-threats-iran
[2] https://www.justice.gov/opa/pr/justice-department-disrupts-iranian-cyber-enabled-psychological-operations
Stay ahead with cyber insights
Newsletter
Stay ahead in cybersecurity! Sign up for Truesec’s newsletter to receive the latest insights, expert tips, and industry news directly to your inbox. Join our community of professionals and stay informed about emerging threats, best practices, and exclusive updates from Truesec.