Iran-nexus threat groups refine attacks against critical infrastructure
Publish Date: 2026-04-23 12:19:00
Source Domain: www.cybersecuritydive.com
Iran, long considered a steady and persistent cyber threat to the U.S., has raised its game in the months since the two nations went to war in February.
Iranian-backed cyber threat groups, which range from state-sponsored actors to pro-Iranian hacktivists and financially motivated hackers, appear to have evolved some of their motivations and capabilities in cyber, according to analysts and security researchers.
“What we are seeing are attacks that are aiming to have a more destructive effect,” Annie Fixler, director of the Center on Cyber and Technology Innovation (CCTI) at the Foundation for Defense of Democracies, told Cybersecurity Dive.
Specifically, Iran-linked actors have increased the use of data wiping malware in recent attacks against Israel and demonstrated greater capability to evade detection, according to researchers at Palo Alto Networks.
In another alarming development, Darktrace last week published an analysis of a malware strain called ZionSiphon, designed to potentially tamper with chlorine levels and pressure controls in Israeli water facilities. The malware was embedded with pro-Iran and Palestinian messaging for additional psychological impact.
Recent military strikes by Iran may have combined exploitation of flaws in video cameras and kinetic military strikes, according to Check Point Research. The activity may indicate a higher level of coordination and could potentially be used against critical infrastructure, surveillance and other targeted threat activity, CCTI’s Fixler noted.
Meanwhile, the bombing campaign by the U.S. and Israel exposed weaknesses in Iran’s traditional military capabilities, such as its limited ability to control and defend its own airspace and…