US businesses warned to brace for Iranian cyberattacks as war with Israel escalates

Two leading US cybersecurity organizations are urging American businesses to brace for a potential wave of cyberattacks from Iran as the country is engaged in escalating hostilities with Israel.
The Information Technology — Information Sharing and Analysis Center (IT-ISAC) and the Food and Agriculture Information Sharing and Analysis Center (Food and Ag-ISAC) issued a joint statement last week warning that the conflict could trigger a surge in cyber activity from Iranian-linked actors targeting American companies.
'Historically, Iranian state-sponsored actors, pro-Iran hacktivist groups, and financially motivated cybercriminals have launched attacks against US organizations during periods of heightened conflict,' the statement said.
4 Two leading US cybersecurity organizations are urging American businesses to brace for a potential wave of cyberattacks from Iran.
Rumana – stock.adobe.com
The two ISACs called on businesses across all sectors — especially those in critical infrastructure — to 'take immediate steps to proactively assess their cyber preparedness, enhance their defenses, and prepare for a range of cyber activity, some of which could potentially be disruptive.'
Iranian-affiliated threat actors are known for their aggressive and adaptive tactics, techniques and procedures (TTPs) — a cybersecurity term that describes how hackers or cybercriminal groups plan and carry out attacks in the digital world.
The two cybersecurity groups emphasized the importance of raising internal awareness, boosting monitoring for suspicious behavior and training employees to report phishing emails and malicious links.
'Preparedness is critical to resilience,' the organizations wrote.
'Now is the time for companies to become familiar with Iranian-affiliated threat actors and their TTPs, assess their own cybersecurity posture, strengthen their defenses, begin heightened monitoring for suspicious activity, and remind employees to report suspicious emails and links.'
The ISACs also highlighted the risks of collateral damage, noting that attacks aimed directly at Israeli targets could inadvertently impact US companies through the global interconnectedness of digital networks.
4 Israeli air defense systems are activated to intercept Iranian missiles over Tel Aviv on Wednesday.
AFP via Getty Images
'Even attacks not directly targeting the US could have indirect effects and cause disruptions to companies in the US,' the statement warned.
'It is possible that cyber attacks targeting Israel itself could cause collateral damage to US companies, even if the US companies themselves are not the intended target.'
Both organizations said they are continuing to monitor the situation and provide real-time intelligence to member companies. They noted that their member base is actively using tools such as adversary attack playbooks and secure collaboration channels to stay ahead of emerging threats.
'The Food and Ag-ISAC and IT-ISAC will continue to monitor the situation and provide timely intelligence updates as new threats emerge,' the statement read.
The alert comes as US critical infrastructure sectors remain on high alert amid rising global tensions. Both ISACs encourage companies not currently participating in their information-sharing networks to join voluntarily in order to strengthen the broader industry's cyber defenses.
The Food and Ag-ISAC, launched in 2023, provides threat intelligence and incident response resources for the food and agriculture sector.
4 Iran's Supreme Leader Ayatollah Ali Khamenei has vowed that his country 'won't surrender.'
via REUTERS
The IT-ISAC, founded in 2000, supports companies across the technology space with curated cyber threat analysis and collaborative security tools.
Iran's Supreme Leader Ayatollah Ali Khamenei has vowed that the country 'won't surrender,' issuing a warning that any American military involvement would result in 'irreparable consequences.'
His statement follows remarks from President Trump, who posted on social media that the US knows the whereabouts of Iran's top leadership but has chosen not to act—before declaring, 'UNCONDITIONAL SURRENDER!'
A White House official told the Wall Street Journal on Wednesday that Trump spoke by phone with Israeli Prime Minister Benjamin Netanyahu on Tuesday as military tensions escalated in the region.
4 Iran-linked hackers are believed to have launched cyber attacks against US targets during period of geopolitical unrest.
AFP via Getty Images
In recent days, the US has reinforced its military presence near Iran, with a third Navy destroyer entering the eastern Mediterranean and a second aircraft carrier strike group en route to the Arabian Sea.
Although the Pentagon has described the deployments as defensive in nature, the positioning could serve dual purposes — either to enable a potential joint offensive with Israel or to increase pressure on Iran to back down or negotiate.
Fighting between Israel and Iran has intensified, with reports of mounting casualties. A human-rights group said the death toll in Iran has climbed above 450, while Israeli authorities have reported 24 deaths resulting from Iranian missile attacks.
The Post has sought comment from the Iranian government.

Try Our AI Features

Explore what Daily8 AI can do for you:

Learn with AIFact CheckingText to SpeechAI Summary

Related Articles

Politico

12 minutes ago

• Politico

Pope Leo XIV warns of the dangers of AI on youth

Pope Leo XIV criticized the potential negative consequences of growing AI use in a message this week — an emerging through line of his papacy. The message, released by the Vatican this week , was directed to participants of an annual conference on artificial intelligence and its ethics in Rome. Despite noting AI's potential for good, the pope also said there is a possibility for 'misuse for selfish gain' and as a way to 'foment conflict and aggression.' 'All of us, I am sure, are concerned for children and young people, and the possible consequences of the use of AI on their intellectual and neurological development. Our youth must be helped, and not hindered, in their journey towards maturity and true responsibility,' the first American pontiff said. The pope's message on AI is part of a growing theme of his pontificate. In his first address to cardinals one month ago, he warned of the dangers of AI to 'human dignity,' POLITICO reported earlier this month. Even his choice of papal name — after Pope Leo XIII, who championed workers rights during the industrial revolution — was 'not a casual reference,' a Vatican spokesperson said shortly after the conclave ended. Leo's stance on AI is similar to that of his predecessor, Pope Francis, who warned in 2024 that our societies were experiencing a loss 'of the sense of what is human.' 'Access to data — however extensive — must not be confused with intelligence, which necessarily 'involves the person's openness to the ultimate questions of life and reflects an orientation toward the True and the Good,'' Leo said in his message.

Business Insider

25 minutes ago

• Business Insider

The Israel-Iran conflict is likely bad news for Russia's reliance on Shahed drones, UK intel says

As aerial strikes between Iran and Israel continue, Russia may be feeling the ripple effects across the Black Sea. "The conflict will likely negatively impact the future provision of Iranian military equipment to Russia," the UK Ministry of Defence said in an intelligence update on Thursday. The UK MOD said that "Iran has supplied significant quantities of one-way attack uncrewed aerial systems" to Russia, as well as having provided "extensive support" to its production of these drones. For the Kremlin, the timing of the latest Middle East conflict isn't entirely unwelcome; with global attention shifting to the Iran-Israel standoff, pressure on Russia over its invasion of Ukraine could ease. However, the conflict could also spark long-term issues for Russia, which continues to depend on Iran for Shahed drones and their parts. Iran has also supplied Russia with ballistic missiles and other munitions, the MOD said. Iran's Shahed drones have become a key weapon in the war in Ukraine. The Shahed-136, an Iranian-designed weapon that Moscow now also produces, has been at the heart of Russia's drone attacks on Ukraine, being used against cities and critical infrastructure. These drones can fly at speeds of over 115 mph with a nearly 90-pound explosive warhead. It's not clear what percentage of the drones Russia now produces itself, and how much it still relies on those coming from Iran. Friends in need The war in Ukraine has dragged on for more than three years, with Western nations continuing to funnel weapons and aid to Kyiv. Meanwhile, Iran has been one of Russia's most important military partners, and Tehran has played a crucial role in helping Russia scale up its domestic drone production, providing both equipment and technical expertise. A wide-ranging strategic partnership deal signed between Russia and Iran in January strengthened cooperation in areas like defense, energy, and trade, but it didn't commit either side to come to the other's aid in a conflict. That stands in sharp contrast to Russia's mutual defense arrangements with countries like Belarus and North Korea. If Iran becomes increasingly bogged down in a direct confrontation with Israel, its ability to keep any supply lines open to Russia would likely be compromised. A full-blown war might stretch Iran's military production capacity or expose it to international sanctions and strikes that disrupt its defense industry sector. Russia has already been weaning itself off Iran's Shaheds. Business Insider has reported on multiple attempts by Russia to build Shahed-like drones domestically. These include Russia's Geran-2 drones, which are similar to Shahed-136s but made with different materials, researchers at Conflict Armament Research told The New York Times last year. For now, the Kremlin is staying quiet — a likely sign it's trying to keep its options open. But as the latest Middle East conflict heats up, Russia may soon find that one of its closest alliances is less helpful than it once was.

Yahoo

28 minutes ago

• Yahoo

Cybercriminals breach Aflac as part of hacking spree against US insurance industry

Cybercriminals have breached insurance giant Aflac, potentially stealing Social Security numbers, insurance claims and health information, the company said Friday, the latest in a spree of hacks against the insurance industry. With billions of dollars in annual revenue and tens of millions of customers, Aflac is the biggest victim yet in the ongoing digital assault on US insurance companies that has the industry on edge and the FBI and private cyber experts scrambling to contain the fallout. Erie Insurance and Philadelphia Insurance Companies have also reported hacks this month, which in those cases have caused widespread disruptions to IT systems used to serve customers. All three insurance-company hacks are consistent with the techniques of a young and rampant cybercrime group known as Scattered Spider, people familiar the investigation tell CNN. 'This attack, like many insurance companies are currently experiencing, was caused by a sophisticated cybercrime group,' Aflac said in a statement on Friday, without naming Scattered Spider. Aflac said it 'stopped the intrusion within hours' after discovering it last week, that no ransomware was deployed, and that it continues to serve its customers. It was too early to tell, the company said, how much customer information may have been stolen, but the potential exposure is vast. Aflac is one of the largest providers of supplemental health insurance in the US for medical expenses that aren't covered by a primary provider. The hackers used 'social engineering' to worm their way into its network, according to Aflac. That tactic can involve duping someone into revealing security information to help gain access to a network. It's a hallmark of Scattered Spider attackers, who are known to pose as tech support to infiltrate big corporations. The loose group of cybercriminals is considered dangerous and unpredictable, in part because it is believed to be comprised of youths in the US and the UK known for aggressively extorting their victims. Scattered Spider shot to infamy in September 2023 when they were linked to a pair of multimillion-dollar hacks on famous Las Vegas casinos and hotels MGM Resorts and Caesars Entertainment. The hackers' tactics, and the way they target big swaths of American industries at a time, has cybersecurity executives pleading with companies to be wary of suspicious phone calls to their employees. Just last month, they were suspects in multiple cyberattacks on American retail companies. 'If Scattered Spider is targeting your industry, get help immediately,' said Cynthia Kaiser, who until last month was deputy assistant director of the FBI's Cyber Division and oversaw FBI teams investigating the hackers. 'They can execute their full attacks in hours. Most other ransomware groups take days.' Scattered Spider often registers web domains that look very much like trusted help desks that companies use for IT support, the cybersecurity firm Halcyon, where Kaiser now works, says in a forthcoming report. While concerns about Iranian cyber capabilities are in the news because of the Israel-Iran war, 'the threat I lose sleep over is Scattered Spider,' said John Hultquist, chief analyst at Google's Threat Intelligence Group. 'They are already taking food off shelves and freezing businesses. The Iranian hackers may not even have Internet access, but these kids are in play right now.'