Iran Expanding Its Cyber Influence Operations Globally: Microsoft

Tech giant Microsoft warns Iran continues to be a global threat with its state-backed hackers expanding their activities.

To achieve its geopolitical goals, Iran is now expanding its cyber playbook to include disinformation campaigns, Microsoft said in a report on Tuesday.

According to the report, the Iranian government has been involved in 24 "cyber-enabled influence operations" in 2022, three times higher than 2021, when there were seven.

The majority of these operations are attributed to Emennet Pasargad, a sanctioned Iranian state actor that is seeking to undermine the poll integrity in 2020.

“[Iran] is now supplementing its traditional cyberattacks with a new playbook, leveraging cyber-enabled influence operations (IO),” added the big tech firm.

Although Iranian techniques may have changed, their targets have not. Persian Gulf states, prominent Iranian opposition figures and groups, and Israel remain the targets of these operations.

Accordingly, Iran directed nearly a quarter (23%) of its cyber operations against Israel between October of 2022 and March of 2023, with the United States, United Arab Emirates, and Saudi Arabia also bearing the brunt of these efforts.

“Iranian cyberattacks and influence operations are likely to remain focused on retaliating against foreign cyberattacks and perceived incitement of protests inside Iran,” warns Microsoft.

Microsoft Threat Intelligence revealed a threat from the Iranian hackers, known as "Mint Sandstorm" in April claiming they are targeting critical US infrastructure including transport, energy and ports.