Security researchers are warning that the outbreak of direct hostilities between Israel and Iran may soon lead to malicious cyberattacks against critical infrastructure sites in the U.S. from state-linked actors, hacktivist groups and cyber criminals.
State-backed and hacktivist cyber threats against Israel and the U.S.’s Middle Eastern allies are escalating, according to researchers at Radware. Experts have seen a spike in pro-Iran threat activity on Telegram and other public channels.
Threat actors have warned Saudi Arabia and Jordan to expect attacks on their critical infrastructure if they help Israel in its conflict with Iran, and activist groups have claimed to have disrupted Israeli radio stations.
While cyberattacks have thus far mainly targeted entities in the Middle East, researchers say U.S. infrastructure providers should harden their defenses against both direct intrusions and supply chain attacks targeting their third-party vendors.
“Iranian cyber activity has not been as extensive outside of the Middle East but could shift in light of the military actions,” John Hultquist, chief analyst at Google Threat Intelligence Group, said Friday.
“Targets in the United States could be reprioritized for action by Iran’s cyber threat capability,” Hultquist said. “Iranian cyber espionage activity already targets the U.S. government, military, and political set, but new activity may threaten privately owned critical infrastructure, or even private individuals.”
Security leaders in multiple sectors are raising concerns about a spike in Iran-linked threat activity, citing previous hacks that followed Hamas’s Oct. 7, 2023, attacks on Israel and Israel’s subsequent invasion of Gaza.
Source: Cybersecurity Dive