Israel has been targeted the most by Iranian and Iranian-sponsored cyberattacks in the last six months, as per a report released Wednesday by Microsoft.
Other stories:
Based on the company's data, 23% of Iranian attacks between October 2022 and March 2023 were targeted at Israel, followed by 13% towards the United States, 8% against the United Arab Emirates, and 5% aimed at Saudi Arabia.
According to the report, Iran has escalated its campaigns to influence public opinion in different countries starting in June 2022. A total of 24 such campaigns were detected last year, with 17 of them taking place between June and December, a significant jump from the seven recorded in 2021.
Cotton Sandstorm, a group labeled by Microsoft as an Iranian government actor, is responsible for most of these operations. The U.S. has previously sanctioned the group due to its efforts to interfere in the 2020 presidential elections.
According to the report, alongside the rise in influence campaigns, there has been a decrease in ransomware and wiper attacks, which involve wiping/overwriting/removing a victim's data and were very common in the two years prior.
Microsoft reported that the Iranian campaigns aimed to reinforce what it calls the "Palestinian resistance," incite riots in Bahrain and impede the normalization of relations between Israel and Arab states, with an emphasis on spreading panic and terror among Israeli citizens. The report also connects Iran to the recent cyberattack that caused the shutdown of irrigation systems in agricultural areas in northern Israel.
According to Microsoft's estimate, the trend is expected to continue, with a focus on revenge for foreign cyberattacks and the perceived incitement of protests within Iran by the Jewish state and its allies.
Israel and the United States face the highest risk in the near future due to Tehran's rapprochement with Saudi Arabia and the diplomatic rift between Washington and other countries in the Persian Gulf.