Inside Iran's Cyber Objectives: What Do They Want?
The regime's cyber-espionage strategy employs dual-use targeting, collecting info that can support both military needs and broader political objectives.
Coverage of cybersecurity incidents, policy, privacy, public services, advisories, and regional effects connected to Iran.
Search across headline titles and summaries.
Background for this topic.
Iran covers cybersecurity and information-security developments connected to Iran, including incidents, policy, privacy, advisories, research, and news affecting organizations, public services, and digital systems in the area.
For practitioners, the tag provides geographic context for developments involving Iran's organizations, services, partners, and users. Individual articles provide the specific technologies, threats, sectors, and operational implications relevant to each development.
The regime's cyber-espionage strategy employs dual-use targeting, collecting info that can support both military needs and broader political objectives.
Threat actors with ties to Iran engaged in cyber warfare as part of efforts to facilitate and enhance physical, real-world attacks, a trend that Amazon has called cyber-enabled kinetic targeting
Hacking Group Deploys Raft of Custom Malware VariantsAn Iranian state hacking group with a history of targeting aerospace, aviation and defense industries across the Middle East has improved its tooling with multiple custom malware variants, warned Google. The group, tracked as UNC1549, is suspected of ties to the Iranian Revolutionary Guard Corps.
Researchers say Israel remains a central focus, with UNC1549 targeting aerospace and defense entities in the US, the UAE, Qatar, Spain, and Saudi Arabia.
Suspected espionage-driven threat actors from Iran have been observed deploying backdoors like TWOSTROKE and DEEPROOT as part of continued attacks aimed at aerospace, aviation, and defense industries in the Middle East