Iranian threat actors are expected to intensify their many cyberattacks against the United States following recent events. After the U.S. bombed three key nuclear sites in Iran, the regime in Tehran publicly vowed to retaliate. The Department of Homeland Security issued a national terrorism advisory system bulletin on Sunday warning of this. The bulletin warns that retaliation from Iran could come in several different forms, including various digital attacks.
A chief analyst in Google’s Threat Intelligence Group said the likelihood of disruptive cyberattacks has now increased.
He pointed out that many of Iran’s recent cyber operations have been focused on the nation of Israel. These attacks can provide valuable insights into both the capabilities and the current limitations of Iranian threat actors. He noted that Iran has had mixed results with disruptive cyberattacks and they frequently fabricate their overall effects.
An expert warned that Iran already targets the United States with ongoing cyberespionage to gather geopolitical insight. Persons and individuals who are associated with Iran policy are frequently targeted through both their organizational and personal accounts. These individuals are also targeted indirectly by Iranian cyberespionage against telecoms, airlines, hospitality, and other similar organizations.
These companies have data that can be used to identify and also track many different persons of interest.
The cybersecurity community has closely followed all of Iran’s various activities that have been occurring in cyberspace. While some attacks that have been linked to Iranian hackers have appeared to be somewhat unsophisticated, others were more advanced. This includes many phishing attacks that were aimed at political campaigns and brute force attacks targeting critical infrastructure. A group named CyberAv3ngers has developed malware called IOCONTROL that has been used to target IoT and OT devices.
Reference:
