Washington– They also fled Iranian missile strikeSome Israelis with Android phones received a text message displaying a link to real-time information about shelters. But instead of a useful app, the link downloaded spyware, giving hackers access to the device’s camera, location, and all of its data.
the The operation attributed to IranIt demonstrated sophisticated coordination and is just the latest tactic in the cyber conflict that pits the United States and Israel against Iran and its digital proxies. As Iran and its supporters seek to use their cyber capabilities to make up for their military shortcomings, they show how disinformation, artificial intelligence, and hacking are now ingrained in modern warfare.
Gil Messing, chief of staff at Check Point Research, a cybersecurity firm with offices in Israel and the United States, said the recently received fake text messages appeared to be timed to coincide with missile strikes, representing a new combination of digital and physical attacks.
“This message was sent to people as they fled to shelters to defend themselves,” Messing said. “The fact that it is simultaneous and at the same moment… is the first of its kind.”
Experts say that the digital battle is likely to continue even if a ceasefire is reached, because it is much easier and less expensive than traditional conflict, and because it is designed not for killing or conquest, but for espionage, theft and intimidation.
Although the volume of war-related cyberattacks has been high, they have been relatively minor when it comes to damaging economic or military networks. But they have put many American and Israeli companies on the defensive, forcing them to quickly patch old security vulnerabilities.
Investigators at Utah-based security firm DigiCert have tracked nearly 5,800 cyberattacks so far by nearly 50 different groups linked to Iran. While most attacks targeted US or Israeli companies, DigiCert also found attacks on networks in Bahrain, Kuwait, Qatar and other countries in the region.
Many attacks can be easily thwarted with the latest cybersecurity precautions. But they can seriously harm organizations with legacy security and impose demands on resources even when they don’t work.
Then there is the psychological impact on companies that may do business with the military.
“There are a lot of attacks that happen that go unreported,” said Michael Smith, chief field technology officer at DigiCert.
A pro-Iranian hacking group On Friday, he claimed responsibility for the infiltration account FBI Director Kash PatelHe published what appear to be years-old photographs, along with his work biography and other personal documents. Many of these records appear to be more than a decade old.
They resemble many of the cyberattacks associated with pro-Iranian hackers: flashy and designed to boost morale among supporters, while undermining an adversary’s confidence but with little impact on the war effort.
These high-volume, low-impact attacks are “a way of telling people in other countries that you can still reach out and touch them even though they’re on a different continent. That makes it more of a scare tactic,” Smith said.
Iran is likely to target the weakest links in American cybersecurity: supply chains that support the economy and the war effort, as well as critical infrastructure such as ports, railway stations, water plants, and hospitals.
Iran is also targeting data centers with cyber and conventional weapons, demonstrating how important the centers are to the economy, communications, and military information security.
This month, Iranian-backed hackers claimed responsibility for the attack Stryker hacka Michigan-based medical technology company. The group, known as Handala, claimed that the strike was in retaliation against the American suspects Strikes that killed Iranian schoolchildren.
Cybersecurity researchers at Halcyon recently published the results of another cyberattack targeting a healthcare company. Halcyon did not reveal the name of the company, but said that the hackers used a tool owned by the US authorities associated with Iran To install devastating ransomware that shut the company off its own network.
The hackers never demanded a ransom, suggesting their motive was destruction and chaos, not profit.
Combined with the attack on Stryker, “this indicates a deliberate focus on the medical sector rather than targets of opportunity,” said Cynthia Kaiser, a senior vice president at Halcyon. “As this conflict continues, we should expect targeting to intensify.”
AI can be used to increase the scale and speed of cyberattacks as well as allow hackers to automate much of the process.
But it is misinformation as AI has shown its destructive impact on public trust. Supporters of both sides have spread false images of atrocities or decisive victories that never occurred. One fake photo of sunken American warships has received more than 100 million views.
Authorities in Iran have limited access to the Internet, and work to shape Iranians’ view of the war through propaganda and disinformation. For example, Iranian state-run media began describing actual footage of the war as fake, sometimes replacing it with manipulated images, according to research by NewsGuard, a US company that tracks disinformation.
Growing concerns about the risks posed by artificial intelligence and hacking prompted the State Department to open an Office of Emerging Threats last year focused on new technologies and how they could be used against the United States. This office joins similar efforts already underway at agencies including the Cybersecurity and Infrastructure Security Agency and the National Security Agency.
AI also plays a role in defending against cyberattacks by automating and speeding up work, Director of National Intelligence Tulsi Gabbard recently told Congress.
Gabbard said the technology “will increasingly shape cyber operations with both cyber operators and defenders using these tools to improve their speed and effectiveness.”
While Russia and China are seen as posing greater cyber threats, Iran has nevertheless launched several operations targeting Americans. In recent years, groups working on behalf of Tehran hacked into President Donald Trump’s campaign email system. Targeted American water plants He attempted to penetrate networks used by military and defense contractors. They impersonated American protesters online as a way to covertly encourage Protests against Israel.