{"id":46630,"date":"2026-04-10T11:31:20","date_gmt":"2026-04-10T11:31:20","guid":{"rendered":"https:\/\/foreignnewstoday.com\/?p=46630"},"modified":"2026-04-10T11:31:20","modified_gmt":"2026-04-10T11:31:20","slug":"beyond-wipers-iran-backed-cyber-attacks-and-the-threat-to-businesses","status":"publish","type":"post","link":"https:\/\/foreignnewstoday.com\/?p=46630","title":{"rendered":"Beyond wipers: Iran-backed cyber attacks and the threat to businesses"},"content":{"rendered":"<p><br \/>\n<br \/><\/p>\n<div id=\"article-body\">\n<p id=\"elk-21d77c63-642a-49a8-b673-2e6b77319521\">Over the last few years, the threat from Iran-based cyberattacks has been quietly growing. The country was not previously seen as the most <a data-analytics-id=\"inline-link\" href=\"https:\/\/www.itpro.com\/security\/cyber-attacks\/the-iran-cyber-threat\" data-url=\"https:\/\/www.itpro.com\/security\/cyber-attacks\/the-iran-cyber-threat\" data-hl-processed=\"none\" data-mrf-recirculation=\"inline-link\" data-before-rewrite-localise=\"https:\/\/www.itpro.com\/security\/cyber-attacks\/the-iran-cyber-threat\"><u>capable nation state<\/u><\/a>, compared to its fellow <a data-analytics-id=\"inline-link\" href=\"https:\/\/www.itpro.com\/security\/cyber-attacks\/crink-attacks-nation-state-hackers--threat-2026\" data-url=\"https:\/\/www.itpro.com\/security\/cyber-attacks\/crink-attacks-nation-state-hackers--threat-2026\" data-hl-processed=\"none\" data-mrf-recirculation=\"inline-link\" data-before-rewrite-localise=\"https:\/\/www.itpro.com\/security\/cyber-attacks\/crink-attacks-nation-state-hackers--threat-2026\"><u>CRINK<\/u><\/a> adversaries, but when Israel and the US hit Iran with airstrikes at the end of February, along with <a data-analytics-id=\"inline-link\" href=\"https:\/\/www.csis.org\/analysis\/how-will-cyber-warfare-shape-us-israel-conflict-iran\" target=\"_blank\" data-url=\"https:\/\/www.csis.org\/analysis\/how-will-cyber-warfare-shape-us-israel-conflict-iran\" referrerpolicy=\"no-referrer-when-downgrade\" data-hl-processed=\"none\" data-mrf-recirculation=\"inline-link\"><u>cyber operations<\/u><\/a>, the threat began to escalate.<\/p>\n<p id=\"elk-b8be2420-1b2b-4d80-ad89-f824ba35c947\">At the start of March, the UK <a data-analytics-id=\"inline-link\" href=\"https:\/\/www.itpro.com\/security\/what-is-the-national-cyber-security-centre-ncsc-and-what-does-it-do\" data-url=\"https:\/\/www.itpro.com\/security\/what-is-the-national-cyber-security-centre-ncsc-and-what-does-it-do\" data-hl-processed=\"none\" data-mrf-recirculation=\"inline-link\" data-before-rewrite-localise=\"https:\/\/www.itpro.com\/security\/what-is-the-national-cyber-security-centre-ncsc-and-what-does-it-do\"><u>National Cyber Security Center (NCSC)<\/u><\/a> issued a <a data-analytics-id=\"inline-link\" href=\"https:\/\/www.ncsc.gov.uk\/news\/ncsc-advises-uk-organisations-take-action-following-conflict-in-middle-east\" target=\"_blank\" data-url=\"https:\/\/www.ncsc.gov.uk\/news\/ncsc-advises-uk-organisations-take-action-following-conflict-in-middle-east\" referrerpolicy=\"no-referrer-when-downgrade\" data-hl-processed=\"none\" data-mrf-recirculation=\"inline-link\"><u>warning<\/u><\/a> that there \u201cis almost certainly a heightened risk of indirect cyber threat\u201d for organizations who have a presence or supply chains in the Middle East.<\/p>\n<p><a id=\"elk-seasonal\"\/><\/p>\n<aside data-block-type=\"embed\" data-render-type=\"fte\" data-skip=\"dealsy\" data-widget-type=\"seasonal\" class=\"hawk-root\"\/>\n<p id=\"elk-13bccc2f-0683-4dd5-9207-8f9baf58d353-0\">Then in mid-March, a suspected <a data-analytics-id=\"inline-link\" href=\"https:\/\/industrialcyber.co\/medical\/suspected-iran-linked-cyberattack-hits-medical-technology-giant-stryker-amid-middle-east-tensions\/\" target=\"_blank\" data-url=\"https:\/\/industrialcyber.co\/medical\/suspected-iran-linked-cyberattack-hits-medical-technology-giant-stryker-amid-middle-east-tensions\/\" referrerpolicy=\"no-referrer-when-downgrade\" data-hl-processed=\"none\" data-mrf-recirculation=\"inline-link\"><u>Iran-linked cyberattack<\/u><\/a> disrupted global systems at medical technology giant <a data-analytics-id=\"inline-link\" href=\"https:\/\/www.itpro.com\/technology\/artificial-intelligence\/its-destructive-not-ransomware-security-experts-weigh-in-on-motivation-behind-stryker-cyber-attack\" data-url=\"https:\/\/www.itpro.com\/technology\/artificial-intelligence\/its-destructive-not-ransomware-security-experts-weigh-in-on-motivation-behind-stryker-cyber-attack\" data-hl-processed=\"none\" data-mrf-recirculation=\"inline-link\" data-before-rewrite-localise=\"https:\/\/www.itpro.com\/technology\/artificial-intelligence\/its-destructive-not-ransomware-security-experts-weigh-in-on-motivation-behind-stryker-cyber-attack\"><u>Stryker<\/u><\/a>.<\/p>\n<p id=\"elk-272c13b7-b4a4-43a7-ab07-24a0fc02a71b\">US-based security firm DigiCert <a data-analytics-id=\"inline-link\" href=\"https:\/\/www.washingtonpost.com\/business\/2026\/03\/29\/iran-us-war-israel-data-centers-hacking\/2fd3a7e0-2b24-11f1-a0f2-3ba4c9fe08ac_story.html\" target=\"_blank\" data-url=\"https:\/\/www.washingtonpost.com\/business\/2026\/03\/29\/iran-us-war-israel-data-centers-hacking\/2fd3a7e0-2b24-11f1-a0f2-3ba4c9fe08ac_story.html\" referrerpolicy=\"no-referrer-when-downgrade\" data-hl-processed=\"none\" data-mrf-recirculation=\"inline-link\"><u>has tracked<\/u><\/a> 5,800 cyberattacks mounted by 50 different groups tied to Iran. So what\u2019s the real threat to business in the US and UK during the current critical situation?<\/p>\n<p><a id=\"elk-c1f42737-9b59-4e01-a23d-4d0e3b41804c\"\/><\/p>\n<h2 id=\"the-current-threat-3\">The current threat<\/h2>\n<p id=\"elk-a77beb10-63f0-496d-aabd-dc702363c396\">From a tactical point of view, Iran\u2019s plan is to \u201cleverage global economic pain through any means\u201d, according to Ian Thornton-Trump, CISO at Inversion6.<\/p>\n<p id=\"elk-ec810d75-f688-4fcb-8999-e2fabb5c0129\">This includes cyber attacks to allow the regime to stay in power, he explains. \u201cIran aims to survive and extract concessions by weaponizing vulnerabilities in energy supply chains and chokepoints, with cyber operations as cost\u2011effective force multipliers.\u201d<\/p>\n<p id=\"elk-7a07ef6a-e4a0-4de4-ba5b-7280f7288a0f\">Adding to complexity, it isn\u2019t always clear who is perpetrating attacks. Using proxies and cyber fronts helps Iran \u201cmaintain legal and attributional fog\u201d, complicating retaliation and \u201ckeeping the country below thresholds that would unify great\u2011power opposition\u201d, according to Thornton-Trump.<\/p>\n<div id=\"slice-container-newsletterForm-articleInbodyContent-ZSqjakTNDPMf7AhXB8NrHC\" class=\"slice-container newsletter-inbodyContent-slice newsletterForm-articleInbodyContent-ZSqjakTNDPMf7AhXB8NrHC slice-container-newsletterForm\">\n<div data-hydrate=\"true\" class=\"newsletter-form__wrapper newsletter-form__wrapper--inbodyContent\">\n<div class=\"newsletter-form__container\">\n<section class=\"newsletter-form__top-bar\"\/>\n<section class=\"newsletter-form__main-section\">\n<p class=\"newsletter-form__strapline\">Sign up today and you will receive a free copy of our Future Focus 2025 report &#8211; the leading guidance on AI, cybersecurity and other IT challenges as per 700+ senior executives<\/p>\n<\/section>\n<\/div>\n<\/div>\n<\/div>\n<p id=\"elk-02a21eff-0787-4ccf-bb21-19c56941edd3\">Handala \u2013 the group that <a data-analytics-id=\"inline-link\" href=\"https:\/\/www.aljazeera.com\/news\/2026\/3\/11\/iran-linked-hackers-hit-medical-giant-stryker-in-retaliatory-cyberattack\" target=\"_blank\" data-url=\"https:\/\/www.aljazeera.com\/news\/2026\/3\/11\/iran-linked-hackers-hit-medical-giant-stryker-in-retaliatory-cyberattack\" referrerpolicy=\"no-referrer-when-downgrade\" data-hl-processed=\"none\" data-mrf-recirculation=\"inline-link\"><u>claimed it had attacked Stryker<\/u><\/a> in retaliation for US strikes \u2013 is widely regarded as a <a data-analytics-id=\"inline-link\" href=\"https:\/\/www.wired.com\/story\/handala-hacker-group-iran-us-israel-war\/\" target=\"_blank\" data-url=\"https:\/\/www.wired.com\/story\/handala-hacker-group-iran-us-israel-war\/\" referrerpolicy=\"no-referrer-when-downgrade\" data-hl-processed=\"none\" data-mrf-recirculation=\"inline-link\"><u>front for Iran&#8217;s Ministry of Intelligence<\/u><\/a>. In the March attack, the hacking collective claimed to have wiped more than 200,000 devices and forced Stryker to shut down offices in dozens of countries. This attack is relevant to businesses, experts say.<\/p>\n<p id=\"elk-e030eecd-da97-4698-a84a-9a2fce22d200\">\u201cWe need to be alert to how it weaponised Microsoft Intune, the same legitimate device management tool in widespread use in UK business, to trigger mass remote wipes,\u201d says Rob Anderson, head of reactive consulting services at Reliance Cyber.<\/p>\n<p><a id=\"elk-ccf6094d-ab0f-4b13-be29-0293634e213f\"\/><\/p>\n<h2 id=\"covert-attacks-3\">Covert attacks<\/h2>\n<p id=\"elk-e8104a28-ceb2-4bc0-acb6-46a0b1be2488\">Wipers are a long-time tactic of Iran, and will continue to pose issues. But another thing to be aware of is how the nationwide internet outage since 28 February is impacting the cyber environment in Iran, according to the US <a data-analytics-id=\"inline-link\" href=\"https:\/\/www.csis.org\/analysis\/how-will-cyber-warfare-shape-us-israel-conflict-iran\" target=\"_blank\" data-url=\"https:\/\/www.csis.org\/analysis\/how-will-cyber-warfare-shape-us-israel-conflict-iran\" referrerpolicy=\"no-referrer-when-downgrade\" data-hl-processed=\"none\" data-mrf-recirculation=\"inline-link\"><u>Center for Strategic and International Studies<\/u><\/a>.<\/p>\n<p id=\"elk-1c19279d-041e-455b-9234-9d5e2a1051b1\">The current blackout could \u201cfunction as a defensive cyber tool for the regime to reduce the effectiveness of additional cyber intrusions and information operations from outside the country\u201d, it said. At the same time, connectivity loss complicates attribution of future cyber incidents, obscuring whether disruptions originate from state-imposed controls or external cyberattacks.<\/p>\n<p id=\"elk-32b0282b-c2fc-42b1-b075-943286a0e31a\">Meanwhile, there is another immediate cyber threat from \u201cthe activation of long-standing access within Western networks\u201d, according to Ruth Wandhofer, head of European markets at Blackwired.<\/p>\n<p id=\"elk-4b94520c-df2a-44ce-a8bd-2dbfc0458b4e\">For businesses across the globe, the real threat is \u201ca long tail of proxy actors, diaspora hacktivists and pre-planted access that was quietly embedded in Western networks long before the first missile flew\u201d, agrees Anderson. \u201cThese cells don&#8217;t need Tehran online to act. Despite the blackout, approximately 60 hacktivist groups, including pro-Russian collectives activated outside Iran within days of the strikes.\u201d<\/p>\n<p id=\"elk-1be54261-beee-4181-b2c4-d60daee13359\">For years, Iranian-aligned actors have \u201cquietly implanted <a data-analytics-id=\"inline-link\" href=\"https:\/\/www.itpro.com\/malware\/28076\/what-is-malware\" data-url=\"https:\/\/www.itpro.com\/malware\/28076\/what-is-malware\" data-hl-processed=\"none\" data-mrf-recirculation=\"inline-link\" data-before-rewrite-localise=\"https:\/\/www.itpro.com\/malware\/28076\/what-is-malware\"><u>malware<\/u><\/a>, <a data-analytics-id=\"inline-link\" href=\"https:\/\/www.itpro.com\/security\/cyber-attacks\/credential-theft-has-surged-160-percent-in-2025\" data-url=\"https:\/\/www.itpro.com\/security\/cyber-attacks\/credential-theft-has-surged-160-percent-in-2025\" data-hl-processed=\"none\" data-mrf-recirculation=\"inline-link\" data-before-rewrite-localise=\"https:\/\/www.itpro.com\/security\/cyber-attacks\/credential-theft-has-surged-160-percent-in-2025\"><u>compromised credentials<\/u><\/a> and maintained <a data-analytics-id=\"inline-link\" href=\"https:\/\/www.itpro.com\/security\/stealthy-malware-the-threats-hiding-in-plain-sight\" data-url=\"https:\/\/www.itpro.com\/security\/stealthy-malware-the-threats-hiding-in-plain-sight\" data-hl-processed=\"none\" data-mrf-recirculation=\"inline-link\" data-before-rewrite-localise=\"https:\/\/www.itpro.com\/security\/stealthy-malware-the-threats-hiding-in-plain-sight\"><u>persistent footholds<\/u><\/a> in sectors such as healthcare, logistics, aviation and energy\u201d, Wandhofer says.<\/p>\n<p id=\"elk-fbc9b195-6a45-4403-89c5-1b1f1bebb4d8\">At the same time, Iran-linked hackers are still using traditional techniques such as wiper malware, <a data-analytics-id=\"inline-link\" href=\"https:\/\/www.itpro.com\/security\/29093\/what-is-phishing\" data-url=\"https:\/\/www.itpro.com\/security\/29093\/what-is-phishing\" data-hl-processed=\"none\" data-mrf-recirculation=\"inline-link\" data-before-rewrite-localise=\"https:\/\/www.itpro.com\/security\/29093\/what-is-phishing\"><u>phishing<\/u><\/a>, credential theft and remote access tools. \u201cBut they are now deployed in coordinated campaigns \u2013 as seen in the Stryker attack,\u201d says Wandhofer.<\/p>\n<p id=\"elk-85e62ca8-0abc-400e-ba51-f0bfde16f27b\">Iran could also ramp up its use of <a data-analytics-id=\"inline-link\" href=\"https:\/\/www.itpro.com\/security\/28026\/what-is-a-ddos-attack\" data-url=\"https:\/\/www.itpro.com\/security\/28026\/what-is-a-ddos-attack\" data-hl-processed=\"none\" data-mrf-recirculation=\"inline-link\" data-before-rewrite-localise=\"https:\/\/www.itpro.com\/security\/28026\/what-is-a-ddos-attack\"><u>distributed denial of service (DDoS)<\/u><\/a> attacks, which are not necessarily sophisticated, but can be disruptive.<\/p>\n<p id=\"elk-72d96842-3a12-4e99-9128-5cc1a9f9a78e\">Travis DeForge, director of cyber security at Abacus describes how Iran-linked adversaries could hit public sector and <a data-analytics-id=\"inline-link\" href=\"https:\/\/www.itpro.com\/security\/cyber-attacks\/threat-posed-cyber-attacks-on-critical-national-infrastructure\" data-url=\"https:\/\/www.itpro.com\/security\/cyber-attacks\/threat-posed-cyber-attacks-on-critical-national-infrastructure\" data-hl-processed=\"none\" data-mrf-recirculation=\"inline-link\" data-before-rewrite-localise=\"https:\/\/www.itpro.com\/security\/cyber-attacks\/threat-posed-cyber-attacks-on-critical-national-infrastructure\"><u>critical services<\/u><\/a> with DDoS. \u201cNot only is it extremely disruptive, they also get a big pay-off in propaganda value.\u201d<\/p>\n<p><a id=\"elk-1cc0899a-f6d5-4bc1-a2b0-1e50de83feea\"\/><\/p>\n<h2 id=\"business-targets-for-iran-backed-hackers-3\">Business targets for Iran-backed hackers<\/h2>\n<p id=\"elk-95ab56f5-057d-4b02-85d6-6d1abf649034\">Any public sector or critical infrastructure organization is a target for Iran, as is any company with a presence in the Middle East, according to DeForge. \u201cThat can extend to obvious supply chain links,\u201d he adds.<\/p>\n<p id=\"elk-0a8d20e9-ef87-48ff-9739-dc62fe66d999\">Energy, healthcare, defense supply chains and financial services top the list. US defense contractors, government vendors and businesses with Israeli ties face \u201cthe sharpest direct exposure\u201d, says Anderson. \u201cBut critical infrastructure such as hospitals, ports, water plants and railways are squarely in scope too.\u201d<\/p>\n<p id=\"elk-8f7257a4-402c-4b08-af38-78d43ac92a74\">Iran amplifies kinetic pressure by \u201cprobing for cascading failure in digitally-interconnected energy and trade systems\u201d, says Thornton-Trump, \u201cThese include port operations and shipping lanes to refineries and grids, accelerating market panic and political pressure on its adversaries.\u201d<\/p>\n<p id=\"elk-2f8ce224-b4ba-4d9e-9ae8-bb3e43a03f47\"><a data-analytics-id=\"inline-link\" href=\"https:\/\/attack.mitre.org\/groups\/G0049\/\" data-url=\"https:\/\/attack.mitre.org\/groups\/G0049\/\" target=\"_blank\" referrerpolicy=\"no-referrer-when-downgrade\" data-hl-processed=\"none\" data-mrf-recirculation=\"inline-link\"><u>OilRig<\/u><\/a> and other Iran\u2011linked groups show a persistent focus on energy, finance, telecoms and supply\u2011chain infiltration techniques, according to Thornton-Trump. He says threat intelligence overviews show evolution towards \u201c<a data-analytics-id=\"inline-link\" href=\"https:\/\/www.itpro.com\/security\/cyber-attacks\/vast-majority-breaches-enabled-preventable-gaps-identity-weaknesses-palo-alto-networks\" data-url=\"https:\/\/www.itpro.com\/security\/cyber-attacks\/vast-majority-breaches-enabled-preventable-gaps-identity-weaknesses-palo-alto-networks\" data-hl-processed=\"none\" data-mrf-recirculation=\"inline-link\" data-before-rewrite-localise=\"https:\/\/www.itpro.com\/security\/cyber-attacks\/vast-majority-breaches-enabled-preventable-gaps-identity-weaknesses-palo-alto-networks\"><u>identity\u2011centric<\/u><\/a> cloud intrusions, wipers, and psychological ops aligned to crises\u201d.<\/p>\n<p id=\"elk-291692e7-be7b-46f2-addc-3d7d36b9f33a\">Businesses throughout the UK and US are both at risk from Iran cyber-attacks. However, the US is \u201cthe primary target by some distance\u201d, says Anderson. \u201cIt carries the vast majority of identified asset exposure, with healthcare and government the most affected sectors.\u201d<\/p>\n<p id=\"elk-f23e1934-a5ca-4946-9a7c-d2ab4b3a13e5\">The UK&#8217;s risk is more indirect, but shouldn&#8217;t be dismissed. \u201cWith Iranian actors going after cloud identity infrastructure, the <a data-analytics-id=\"inline-link\" href=\"https:\/\/www.itpro.com\/security\/supply-chain-and-ai-security-in-the-spotlight-for-cyber-leaders-in-2026\" data-url=\"https:\/\/www.itpro.com\/security\/supply-chain-and-ai-security-in-the-spotlight-for-cyber-leaders-in-2026\" data-hl-processed=\"none\" data-mrf-recirculation=\"inline-link\" data-before-rewrite-localise=\"https:\/\/www.itpro.com\/security\/supply-chain-and-ai-security-in-the-spotlight-for-cyber-leaders-in-2026\">supply chain risk<\/a> travels fast and doesn&#8217;t respect geography,\u201d Anderson warns.<\/p>\n<p><a id=\"elk-538c8160-e8b3-40af-a425-c23b4eb42ca6\"\/><iframe allow=\"\" height=\"200px\" width=\"100%\" id=\"\" style=\"\" class=\"position-center\" data-lazy-priority=\"low\" data-lazy-src=\"https:\/\/player.captivate.fm\/episode\/d27ed604-4541-4b22-acce-3c5ab40e5fc9\/\"><\/iframe><a id=\"elk-863efd23-aefd-4ae1-944f-51e1f3d4ee7f\"\/><\/p>\n<h2 id=\"protecting-your-business-3\">Protecting your business<\/h2>\n<p id=\"elk-20527b65-a5ce-4be3-9f08-2f933e2fe664\">The risk of attack is growing, but most firms can boost resilience by ensuring foundational <a data-analytics-id=\"inline-link\" href=\"https:\/\/www.itpro.com\/security\/strategies-for-guarding-against-emerging-cyber-risks-and-invisible-threats\" data-url=\"https:\/\/www.itpro.com\/security\/strategies-for-guarding-against-emerging-cyber-risks-and-invisible-threats\" data-hl-processed=\"none\" data-mrf-recirculation=\"inline-link\" data-before-rewrite-localise=\"https:\/\/www.itpro.com\/security\/strategies-for-guarding-against-emerging-cyber-risks-and-invisible-threats\">security hygiene<\/a>. \u201cThe to-do list isn&#8217;t glamorous, but it is urgent,\u201d according to Anderson. \u201cPatch systems, keep firewalls current, enforce <a data-analytics-id=\"inline-link\" href=\"https:\/\/www.itpro.com\/security\/cyber-security\/369745\/what-is-mfa-fatigue\" data-url=\"https:\/\/www.itpro.com\/security\/cyber-security\/369745\/what-is-mfa-fatigue\" data-hl-processed=\"none\" data-mrf-recirculation=\"inline-link\" data-before-rewrite-localise=\"https:\/\/www.itpro.com\/security\/cyber-security\/369745\/what-is-mfa-fatigue\"><u>multi-factor authentication<\/u><\/a> (MFA) and remove stale accounts. Scrutinise who holds privileged access to device management platforms such as Intune.\u201d<\/p>\n<p id=\"elk-e8ae3a29-27e8-4e91-a787-4c4e03f33215\">With supply chains likely to be hit, the security of partner organizations must also be re-examined, with greater due diligence applied to third-party risk and access controls, according to DeForge.<\/p>\n<p id=\"elk-ae7fcdce-5c7e-4d43-9ceb-e07b5dcde128\">As with any threat, businesses should \u201ctreat cyber conflict as a board-level operational risk\u201d, says Wandhofer. Immediate priorities include \u201creducing <a data-analytics-id=\"inline-link\" href=\"https:\/\/www.itpro.com\/business\/digital-transformation\/it-leaders-are-throwing-money-away-with-legacy-systems-enterprises-report-usd370-million-in-losses-each-year-due-to-outdated-tech\" data-url=\"https:\/\/www.itpro.com\/business\/digital-transformation\/it-leaders-are-throwing-money-away-with-legacy-systems-enterprises-report-usd370-million-in-losses-each-year-due-to-outdated-tech\" data-hl-processed=\"none\" data-mrf-recirculation=\"inline-link\" data-before-rewrite-localise=\"https:\/\/www.itpro.com\/business\/digital-transformation\/it-leaders-are-throwing-money-away-with-legacy-systems-enterprises-report-usd370-million-in-losses-each-year-due-to-outdated-tech\"><u>reliance on legacy systems<\/u><\/a>, improving <a data-analytics-id=\"inline-link\" href=\"https:\/\/www.itpro.com\/security\/27713\/the-importance-and-benefits-of-effective-patch-management\" data-url=\"https:\/\/www.itpro.com\/security\/27713\/the-importance-and-benefits-of-effective-patch-management\" data-hl-processed=\"none\" data-mrf-recirculation=\"inline-link\" data-before-rewrite-localise=\"https:\/\/www.itpro.com\/security\/27713\/the-importance-and-benefits-of-effective-patch-management\"><u>patch management<\/u><\/a> and addressing <a data-analytics-id=\"inline-link\" href=\"https:\/\/www.itpro.com\/software\/open-source\/86-percent-of-enterprise-codebases-contain-open-source-vulnerabilities\" data-url=\"https:\/\/www.itpro.com\/software\/open-source\/86-percent-of-enterprise-codebases-contain-open-source-vulnerabilities\" data-hl-processed=\"none\" data-mrf-recirculation=\"inline-link\" data-before-rewrite-localise=\"https:\/\/www.itpro.com\/software\/open-source\/86-percent-of-enterprise-codebases-contain-open-source-vulnerabilities\"><u>known vulnerabilities<\/u><\/a> that <a data-analytics-id=\"inline-link\" href=\"https:\/\/www.itpro.com\/security\/cyber-attacks\/threat-actors-exploiting-quickly-what-business-leaders-should-do\" data-url=\"https:\/\/www.itpro.com\/security\/cyber-attacks\/threat-actors-exploiting-quickly-what-business-leaders-should-do\" data-hl-processed=\"none\" data-mrf-recirculation=\"inline-link\" data-before-rewrite-localise=\"https:\/\/www.itpro.com\/security\/cyber-attacks\/threat-actors-exploiting-quickly-what-business-leaders-should-do\"><u>attackers frequently exploit<\/u><\/a>\u201d, she says.<\/p>\n<p id=\"elk-aaa198da-53ed-436b-bb60-2617b8b1301f\"><a data-analytics-id=\"inline-link\" href=\"https:\/\/www.itpro.com\/business\/business-strategy\/why-the-ciso-role-is-so-demanding-and-how-leaders-can-help\" data-url=\"https:\/\/www.itpro.com\/business\/business-strategy\/why-the-ciso-role-is-so-demanding-and-how-leaders-can-help\" data-hl-processed=\"none\" data-mrf-recirculation=\"inline-link\" data-before-rewrite-localise=\"https:\/\/www.itpro.com\/business\/business-strategy\/why-the-ciso-role-is-so-demanding-and-how-leaders-can-help\"><u>CISOs<\/u><\/a> in energy, maritime, finance, and water should \u201cassume targeted system probing during kinetic peaks,\u201d says Thornton-Trump. He recommends MFA on remote access, removing publicly-exposed operational technology and eradicating <a data-analytics-id=\"inline-link\" href=\"https:\/\/www.itpro.com\/security\/thousands-of-it-administrators-are-using-admin-as-their-default-password\" data-url=\"https:\/\/www.itpro.com\/security\/thousands-of-it-administrators-are-using-admin-as-their-default-password\" data-hl-processed=\"none\" data-mrf-recirculation=\"inline-link\" data-before-rewrite-localise=\"https:\/\/www.itpro.com\/security\/thousands-of-it-administrators-are-using-admin-as-their-default-password\"><u>default credentials<\/u><\/a>, as well as ensuring segmentation and \u201cimmutable backups\u201d.<\/p>\n<p id=\"elk-d31a5c61-b566-4e86-80bc-0a741d145368\">Firms should have an incident response plan in place and expect identity\u2011centric intrusions from Iran-linked attackers such as <a data-analytics-id=\"inline-link\" href=\"https:\/\/www.itpro.com\/security\/cyber-attacks\/what-is-an-apt\" data-url=\"https:\/\/www.itpro.com\/security\/cyber-attacks\/what-is-an-apt\" data-hl-processed=\"none\" data-mrf-recirculation=\"inline-link\" data-before-rewrite-localise=\"https:\/\/www.itpro.com\/security\/cyber-attacks\/what-is-an-apt\"><u>APT<\/u><\/a> 33 and 34, Thornton-Trump warns. \u201cHarden cloud and <a data-analytics-id=\"inline-link\" href=\"https:\/\/www.itpro.com\/security\/how-to-implement-identity-and-access-management-iam-effectively-in-your-business\" data-url=\"https:\/\/www.itpro.com\/security\/how-to-implement-identity-and-access-management-iam-effectively-in-your-business\" data-hl-processed=\"none\" data-mrf-recirculation=\"inline-link\" data-before-rewrite-localise=\"https:\/\/www.itpro.com\/security\/how-to-implement-identity-and-access-management-iam-effectively-in-your-business\"><u>identity and access management<\/u><\/a> and monitor for wiper precursors and proxy\u2011linked information ops designed to induce panic.\u201d<\/p>\n<\/div>\n<p><br \/>\n<br \/><a href=\"https:\/\/www.itpro.com\/security\/cyber-attacks\/beyond-wipers-iran-backed-cyber-attacks-and-the-threat-to-businesses\">Source link <\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Over the last few years, the threat from Iran-based cyberattacks has been quietly growing. The country was not previously seen as the most capable nation state,&hellip;<\/p>\n","protected":false},"author":1,"featured_media":46631,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_lmt_disableupdate":"","_lmt_disable":"","footnotes":""},"categories":[32],"tags":[],"class_list":["post-46630","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-technology"],"_links":{"self":[{"href":"https:\/\/foreignnewstoday.com\/index.php?rest_route=\/wp\/v2\/posts\/46630","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/foreignnewstoday.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/foreignnewstoday.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/foreignnewstoday.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/foreignnewstoday.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=46630"}],"version-history":[{"count":0,"href":"https:\/\/foreignnewstoday.com\/index.php?rest_route=\/wp\/v2\/posts\/46630\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/foreignnewstoday.com\/index.php?rest_route=\/wp\/v2\/media\/46631"}],"wp:attachment":[{"href":"https:\/\/foreignnewstoday.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=46630"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/foreignnewstoday.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=46630"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/foreignnewstoday.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=46630"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}