Iran Ramps Up Cyber Influence Campaigns, with Israel as Prime Target
Iran escalates cyber-influence operations against its adversaries, with a focus on Israel and regional opponents
Photo: Unsplash
A recent report from Microsoft highlights an increase in "cyber-enabled influence operations for greater geopolitical effect" carried out by Iranian state actors from June 2022 to the present.
These operations are believed to be a response to perceived external and internal threats against the Iranian regime. Primary targets include Israel, influential Iranian opposition figures, and Tehran's Gulf state adversaries, such as Saudi Arabia, the UAE, and the United States. The campaigns aim to counteract the normalization of Arab-Israeli relations, incite Palestinian resistance, and provoke unrest among Shiite populations.
Microsoft's report also observed a decline in Iran's use of ransomware and wiper attacks, which had previously been on the rise. The cyber-enabled influence operations are suspected to be orchestrated by Emennet Pasargad, also known as "Cotton Sandstorm" or "NEPTUNIUM."
Despite the current focus on influence operations, Microsoft warns that the threat of cyberattacks on US and Israeli critical infrastructure persists. In response, the US Cybersecurity & Infrastructure Security Agency (CISA) launched the Ransomware Vulnerability Warning Pilot (RVWP) program on May 1, aimed at bolstering critical infrastructure organizations' defenses against ransomware attacks.