This 2024 - Let's Win the Battle of Headlines
newsIsrael News

Microsoft: Iranian cyberattacks on Israel have soared since Oct. 7

The attacks and "influence operations" have grown in number, sophistication and geographic scope since the start of the war, according to Microsoft's Threat Analysis Center.

Data graphic. Credit: Pixabay.
Data graphic. Credit: Pixabay.

Iran’s online disinformation activities and cyber attacks on Israel have risen dramatically since Oct. 7, according to a Microsoft report released on Monday.

“Iran’s activity quickly grew from nine Microsoft-tracked groups active in Israel during the first week of the war to 14 two weeks into the war. Cyber-enabled influence operations went from roughly one operation every other month in 2021 to 11 in October 2023 alone,” wrote Clint Watts, general manager of Microsoft’s Threat Analysis Center.

“As the war progressed, Iranian actors expanded their geographic scope to include attacks on Albania, Bahrain and the USA. They also increased their collaboration, enabling greater specialization and effectiveness,” Watts continued.

These cyberattacks grew “increasingly targeted and destructive” and so-called influence operation campaigns “increasingly sophisticated and inauthentic,” involving networks of social-media “sockpuppet” accounts, according to the report.

The campaign was successful, wrote Watts, noting a 42% increase in traffic to Iranian news sites from the United States, Britain, Canada, Australia and New Zealand during the first month of the war. That level has dropped somewhat, but Western traffic to Iranian media sites remains 28% above pre-war levels, he noted.

Iran’s efforts were aimed to “undermine Israel and its supporters across the internet and social media, causing general confusion and a loss of trust,” he said. Tehran’s four-pronged approach includes exacerbating domestic political and social rifts in target countries, cyberattacks against Israeli infrastructure in “retaliation” for the war in Gaza, intimidating Israeli supporters and their families and undermining international support for Israel.

The report highlighted a new Iranian trend of hackers masquerading as Israelis.

“In one recent operation, ‘Tears of War,’ Iranian operatives convinced Israelis to hang branded ‘Tears of War’ banners using AI-generated images in Israeli neighborhoods, based on Israeli press reporting,” the report said.

The report also raises concern about increased collaboration between various Iran-affiliated hacker groups. This “allows each group to contribute existing capabilities and removes the need for a single group to develop a full spectrum of tooling or tradecraft,” said Watts.

The findings raise troubling concerns for the future, especially with the prospect of similar influence campaigns to disrupt the U.S. presidential elections, he added.

“Amid the rising potential of a widening war, we expect Iranian influence operations and cyberattacks will continue to be more targeted, more collaborative and more destructive as the Israel-Hamas conflict drags on. Iran will continue to test redlines, as they have done with an attack on an Israeli hospital and U.S. water systems in late November,” the report stressed.

“The increased collaboration we have observed between different Iranian threat actors will pose greater threats in 2024 for election defenders who can no longer take solace in only tracking a few groups. Rather, a growing number of access agents, influence groups, and cyber actors makes for a more complex and intertwined threat environment.”

You have read 3 articles this month.
Register to receive full access to JNS.

Israel is at war - Support JNS

JNS is combating the barrage of misinformation with factual reporting. We depend on your support.

Support JNS
Thank you. You are a loyal JNS Reader.
You have read more than 10 articles this month.
Please register for full access to continue reading and post comments.
Never miss a thing
Get the best stories faster with JNS breaking news updates