Amazon Details Iran’s Cyber-Enabled Kinetic Attacks Linking Digital Spying to Physical Strikes

Amazon’s threat intelligence experts have documented two cases showing how Iran leveraged hacking in preparation for physical strikes, in what the company calls ‘cyber-enabled kinetic targeting’.

The internet giant has shared information on two case studies observed in recent years that involved threat actors linked to Iran.

The first case study involved a threat group known as Imperial Kitten and Tortoiseshell. The threat actor, believed to be operating on behalf of Iran’s Islamic Revolutionary Guard Corps (IRGC) since at least 2017, is known for its long-term operations, as well as for targeting military and defense entities.

Using data from customers, partners, and its own threat intelligence systems, Amazon was able to piece together a timeline for an operation that spanned more than two years, progressing from digital spying to a physical attack.

According to Amazon, Imperial Kitten compromised a ship’s Automatic Identification System (AIS) platform in December ...