Escalation In Iranian Cyber Operations: A Shift Toward Espionage
Iranian cyber operations aimed at Western entities are becoming increasingly sophisticated as part of a broader trend among state-sponsored hacking groups.
In a report published on Thursday discussing the global cybersecurity landscape, Microsoft researchers have concluded that state-backed cyber operations are growing in sophistication and aggressiveness, often combining efforts to breach computer systems with information campaigns to disseminate propaganda and towards espionage.
Over the past year, Iranian cyber operators have intensified their activities, showcasing improved offensive cyber capabilities. They have combined basic operations with complex influence campaigns designed to have geopolitical impacts. Microsoft's researchers believe that Tehran views such tools as a means to counter perceived efforts to incite unrest within Iran.
Sherrod DeGrippo, Microsoft's Director of Threat Intelligence Strategy, noted that Iranian cyber operations have become more deliberate and focused, particularly in their targeting.
“They’re getting better at leveraging vulnerabilities, they’re getting better at focused, real cyber operations, so we see them evolving,” she added.
Microsoft's comprehensive 131-page report, its fourth annual Digital Defense Report, examined broad themes within cyber operations and cybercrime landscapes and how these trends affect governments and private organizations worldwide.
In mid-April, Microsoft also reported a change in the strategy of the Iranian hacking group known as "Charming Kitten" through the release of a special report. The report also raised concerns about the potential for destructive cyberattacks by cyber groups affiliated with the Islamic Republic.