Threat Intel (severity: HIGH)

Cybercrime - Surge of 245% Linked to Iran Conflict

Source: The Register Security

In short, cybercrime has risen sharply since the Iran war began.

Quick Summary

Cybercrime has surged by 245% since the start of the Iran war. Banks and businesses worldwide are facing increased threats. This situation poses serious risks to security and infrastructure.

The Threat

Cybercrime has seen a staggering 245% increase since the onset of the Iran war, according to a report by Akamai. This surge encompasses various malicious activities, including credential harvesting and automated reconnaissance targeting critical sectors like banking and fintech. The conflict has not only escalated traditional cyber threats but has also opened new avenues for hacktivists and cybercriminals to exploit geopolitical tensions.

The report highlights that 40% of the malicious traffic is directed at banking and fintech, followed by e-commerce at 25% and video games at 15%. This indicates that cybercriminals are not just targeting high-profile entities but are also casting a wide net across various industries. The spike in cyber incidents is a clear signal that organizations need to bolster their defenses.

Who's Behind It

While the Iranian regime is implicated in some of these activities, the report reveals that only 14% of the malicious traffic originates from Iran. The majority comes from Russia (35%) and China (28%). This suggests that geopolitical hacktivists are leveraging proxy services in these countries to launch attacks. The involvement of pro-Russian hacktivists is particularly concerning, as they are expanding the attack surface in the Middle East, potentially exposing regional infrastructure to high-disruption tactics.

Groups like Handala, believed to be linked to Iran's Ministry of Intelligence, exemplify how state-sponsored actors are using cyber capabilities to further their geopolitical agendas. This intertwining of state and non-state actors complicates the cybersecurity landscape significantly.

Tactics & Techniques

The types of cyber activities reported include a 70% increase in botnet-driven discovery traffic and a 65% rise in automated reconnaissance efforts. Credential harvesting attempts have surged by 45%, and there is a notable uptick in reconnaissance ahead of DDoS attacks, which have increased by 38%. These tactics indicate a well-coordinated effort to exploit vulnerabilities in critical infrastructure and services.

Akamai's findings suggest that organizations, especially those in sensitive sectors, should consider blocking traffic from regions where they do not conduct business. This proactive measure could mitigate risks associated with geopolitical conflicts and cyber threats.
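The tactics above (credential harvesting, automated reconnaissance) and the geo-blocking recommendation can be turned into concrete log checks. The following is an added example, not code from Akamai or The Register: it assumes a constructed access-log format with a country column already resolved by GeoIP, and an assumed set of business regions. It also notes the caveat the report implies, namely that proxy services in an allowed country defeat a pure geo-allowlist, so behavioural checks are applied alongside it.

```python
from collections import Counter, defaultdict
from typing import NamedTuple
# Constructed sample log, assumed format "timestamp src_ip country path status";
# the country column is assumed to come from an upstream GeoIP lookup.
SAMPLE_LOG = """\
2025-06-20T10:00:01Z 203.0.113.5 RU /login 401
2025-06-20T10:00:02Z 203.0.113.5 RU /login 401
2025-06-20T10:00:03Z 203.0.113.5 RU /login 401
2025-06-20T10:00:04Z 198.51.100.7 CN /.env 404
2025-06-20T10:00:05Z 198.51.100.7 CN /admin 404
2025-06-20T10:00:06Z 192.0.2.10 US /login 200
2025-06-20T10:00:07Z 203.0.113.9 IR /login 401
2025-06-20T10:00:08Z 203.0.113.9 IR /wp-login.php 404
"""
BUSINESS_REGIONS = {"US", "GB", "DE"}  # assumption: where the organisation operates

class Request(NamedTuple):
    ts: str
    ip: str
    country: str
    path: str
    status: int

def parse_log(text: str) -> list[Request]:
    """Parse the constructed log format into Request records."""
    rows = [line.split() for line in text.splitlines() if line.strip()]
    return [Request(ts, ip, cc, path, int(st)) for ts, ip, cc, path, st in rows]

def origin_share(reqs: list[Request]) -> dict[str, float]:
    """Fraction of requests per source country, the split the report gives."""
    counts = Counter(r.country for r in reqs)
    return {cc: n / len(reqs) for cc, n in counts.items()}

def geo_allowlist(reqs: list[Request]) -> tuple[list[Request], list[Request]]:
    """'Block regions where you do no business' policy -> (allowed, blocked). Caveat:
    country is a GeoIP guess, so a proxy in an allowed country passes; see checks below."""
    allowed = [r for r in reqs if r.country in BUSINESS_REGIONS]
    return allowed, [r for r in reqs if r.country not in BUSINESS_REGIONS]

def failed_login_bursts(reqs: list[Request], threshold: int = 3) -> set[str]:
    """IPs with >= threshold failed logins: a credential-harvesting signal."""
    fails = Counter(r.ip for r in reqs if r.path == "/login" and r.status == 401)
    return {ip for ip, n in fails.items() if n >= threshold}

def recon_probes(reqs: list[Request], threshold: int = 2) -> set[str]:
    """IPs hitting >= threshold distinct missing paths: automated reconnaissance."""
    probed: dict[str, set[str]] = defaultdict(set)
    for r in (r for r in reqs if r.status == 404):
        probed[r.ip].add(r.path)
    return {ip for ip, paths in probed.items() if len(paths) >= threshold}
```

Running the checks over the sample flags one credential-stuffing source and one reconnaissance source even before the geo policy is applied, which is the point: origin share is a coarse signal, behaviour is the reliable one.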

Defensive Measures

To combat this surge in cybercrime, organizations must adopt a multi-layered security strategy. Implementing robust firewalls, intrusion detection systems, and regular security audits can help identify vulnerabilities before they are exploited. Additionally, educating employees about phishing and other social engineering tactics is crucial in building a resilient defense.

As the conflict continues, the likelihood of cyberattacks remains high. Organizations should stay vigilant and prepared for potential disruptions. Akamai recommends that businesses take these threats seriously and adapt their security measures accordingly to safeguard their operations against the evolving landscape of cybercrime.

🔒 Pro insight: The geopolitical landscape is intensifying cyber threats; expect increased activity from state-sponsored and hacktivist groups targeting critical infrastructure.

