Latest news with #IT-ISAC
New York Post
3 days ago
- Business
- New York Post
US businesses warned to brace for Iranian cyberattacks as war with Israel escalates
Two leading US cybersecurity organizations are urging American businesses to brace for a potential wave of cyberattacks from Iran as the country is engaged in escalating hostilities with Israel. The Information Technology — Information Sharing and Analysis Center (IT-ISAC) and the Food and Agriculture Information Sharing and Analysis Center (Food and Ag-ISAC) issued a joint statement last week warning that the conflict could trigger a surge in cyber activity from Iranian-linked actors targeting American companies. 'Historically, Iranian state-sponsored actors, pro-Iran hacktivist groups, and financially motivated cybercriminals have launched attacks against US organizations during periods of heightened conflict,' the statement said. 4 Two leading US cybersecurity organizations are urging American businesses to brace for a potential wave of cyberattacks from Iran. Rumana – The two ISACs called on businesses across all sectors — especially those in critical infrastructure — to 'take immediate steps to proactively assess their cyber preparedness, enhance their defenses, and prepare for a range of cyber activity, some of which could potentially be disruptive.' Iranian-affiliated threat actors are known for their aggressive and adaptive tactics, techniques and procedures (TTPs) — a cybersecurity term that describes how hackers or cybercriminal groups plan and carry out attacks in the digital world. The two cybersecurity groups emphasized the importance of raising internal awareness, boosting monitoring for suspicious behavior and training employees to report phishing emails and malicious links. 'Preparedness is critical to resilience,' the organizations wrote. 'Now is the time for companies to become familiar with Iranian-affiliated threat actors and their TTPs, assess their own cybersecurity posture, strengthen their defenses, begin heightened monitoring for suspicious activity, and remind employees to report suspicious emails and links.' The ISACs also highlighted the risks of collateral damage, noting that attacks aimed directly at Israeli targets could inadvertently impact US companies through the global interconnectedness of digital networks. 4 Israeli air defense systems are activated to intercept Iranian missiles over Tel Aviv on Wednesday. AFP via Getty Images 'Even attacks not directly targeting the US could have indirect effects and cause disruptions to companies in the US,' the statement warned. 'It is possible that cyber attacks targeting Israel itself could cause collateral damage to US companies, even if the US companies themselves are not the intended target.' Both organizations said they are continuing to monitor the situation and provide real-time intelligence to member companies. They noted that their member base is actively using tools such as adversary attack playbooks and secure collaboration channels to stay ahead of emerging threats. 'The Food and Ag-ISAC and IT-ISAC will continue to monitor the situation and provide timely intelligence updates as new threats emerge,' the statement read. The alert comes as US critical infrastructure sectors remain on high alert amid rising global tensions. Both ISACs encourage companies not currently participating in their information-sharing networks to join voluntarily in order to strengthen the broader industry's cyber defenses. The Food and Ag-ISAC, launched in 2023, provides threat intelligence and incident response resources for the food and agriculture sector. 4 Iran's Supreme Leader Ayatollah Ali Khamenei has vowed that his country 'won't surrender.' via REUTERS The IT-ISAC, founded in 2000, supports companies across the technology space with curated cyber threat analysis and collaborative security tools. Iran's Supreme Leader Ayatollah Ali Khamenei has vowed that the country 'won't surrender,' issuing a warning that any American military involvement would result in 'irreparable consequences.' His statement follows remarks from President Trump, who posted on social media that the US knows the whereabouts of Iran's top leadership but has chosen not to act—before declaring, 'UNCONDITIONAL SURRENDER!' A White House official told the Wall Street Journal on Wednesday that Trump spoke by phone with Israeli Prime Minister Benjamin Netanyahu on Tuesday as military tensions escalated in the region. 4 Iran-linked hackers are believed to have launched cyber attacks against US targets during period of geopolitical unrest. AFP via Getty Images In recent days, the US has reinforced its military presence near Iran, with a third Navy destroyer entering the eastern Mediterranean and a second aircraft carrier strike group en route to the Arabian Sea. Although the Pentagon has described the deployments as defensive in nature, the positioning could serve dual purposes — either to enable a potential joint offensive with Israel or to increase pressure on Iran to back down or negotiate. Fighting between Israel and Iran has intensified, with reports of mounting casualties. A human-rights group said the death toll in Iran has climbed above 450, while Israeli authorities have reported 24 deaths resulting from Iranian missile attacks. The Post has sought comment from the Iranian government.
Axios
3 days ago
- Business
- Axios
U.S. companies brace for Israel-Iran cyber spillover
As Israel and Iran exchange airstrikes, cybersecurity experts are warning that a quieter, but still destructive, digital conflict is unfolding behind the scenes. And U.S. companies could soon find themselves in the blast radius. Why it matters: Iran and Israel are home to some of the world's most skilled hackers. Escalating tensions between the two could spill over into cyberspace, potentially disrupting critical infrastructure, commercial networks and global supply chains. Driving the news: U.S. cybersecurity organizations are urging businesses to remain on high alert for possible Iranian cyberattacks on domestic infrastructure. The Food and Ag-ISAC and the IT-ISAC published a joint statement Friday urging companies to proactively bolster their defenses, noting a history of Iranian state-sponsored hackers and hacktivism targeting U.S. critical infrastructure during previous conflicts. Radware, a U.S.-based cybersecurity firm, estimated there's been a 700% increase in Iranian cyberattacks against Israeli targets since Israel launched its initial missile strike on Tehran on June 12. Threat level: The scale and nature of potential Iranian cyberattacks on American organizations will likely depend on how the U.S. responds to the broader military conflict. As of now, the Trump administration has told allies it will not intervene unless Iran directly targets Americans. But if that decision changes, Iran could redirect cyber resources toward state-sponsored ransomware campaigns or wiper malware attacks on U.S. infrastructure, Austin Warnick, director of national security intelligence at Flashpoint, told Axios. Zoom in: Gil Messing, chief of staff at Israel-based Check Point Software Technologies, told Axios that he's observed several disinformation campaigns appearing to originate from Iranian-linked actors in the days following the strikes. One such campaign involved a text message sent to thousands of Israelis warning that fuel supplies would be halted at gas stations for 24 hours. Another message falsely warned of a possible terrorist attack at a regional shelter, urging recipients to avoid the area — an apparent attempt to sow panic during missile attacks. Both messages were crafted to appear as if they came from Israel's Home Front Command, but they were fake, Messing said. He added that he's also seen lower-level cyber activity potentially linked to Iran, including DDoS attacks and phishing campaigns. What they're saying:"Their main objective is intimidation, fake news, [and] disinformation, much more than anything else," Messing told Axios. He added that much of the current Iranian cyber activity is "lower profile" — in part because Tehran appears to be focusing the bulk of its resources on physical warfare right now. The big picture: During traditional military conflicts, cyberattacks are often deployed to incite fear and confusion among civilians. More destructive operations — such as infrastructure attacks — tend to emerge only in the lead-up to major strikes or invasions, as seen before Russia's 2022 invasion of Ukraine. Messing said that's why Iran appears to be focusing on disinformation and smaller-scale attacks so far. The goal currently is to incite fear. Reality check: Israel also poses a formidable cyber threat in this conflict. However, its digital offensives are expected to remain focused on Iranian targets, Warnick said. A pro-Israel hacking group claimed responsibility for a cyberattack this morning on Iran's Bank Sepah, causing widespread outages. The group also claims it "destroyed" all of the bank's data. Israel has a long history of sophisticated cyber operations, most notably the Stuxnet attack that targeted Iran's nuclear program. Its intelligence units, particularly Unit 8200, are also known for advanced cyber espionage capabilities.
