Cyber fallout from the Iran war: What to have on your radar

The war in Iran was less than 24 hours old when it produced a historic first: the deliberate targeting of commercial data centers. On March 1^st, Iranian drones hit three Amazon Web Services (AWS) facilities in the United Arab Emirates and Bahrain, disrupting core cloud infrastructure and knocking out finance apps and enterprise tools not only across the Gulf, but also far away from the region. The attacks showed that physical distance from a conflict zone is no guarantee of insulation from the impacts of kinetic warfare.

For most organizations, however, the more immediate risk plays out in cyberspace and involves all manner of threat actors. Within hours of the US-Israel ‘Operation Epic Fury’ (‘Operation Roaring Lion’) on February 28^th, Iran-nexus cyber-actors mobilized in large numbers – Palo Alto Networks' Unit 42 counted more than 60 active pro-Iranian hacktivist groups. Also within hours, cybersecurity agencies in the United Kingdom ...