Iran’s cyber threat may be less ‘shock and awe’ than ‘low and slow,’ officials say
Officials and experts believe the most likely threat from Iranian hackers is not a digital shock-and-awe campaign, but something quieter: opportunistic intrusions, dressed up to look bigger than they are.
NASHVILLE — After the Cybersecurity and Infrastructure Security Agency issued an advisory that said Iranian-linked cyber actors were looking to “cause disruptive effects within the United States,” the U.S. has been bracing for a major cyberattack against its critical infrastructure.
But officials and cybersecurity experts told reporters on Friday that the more likely threat is not a digital shock-and-awe campaign, but something quieter: opportunistic intrusions, dressed up to look bigger than they are.
Speaking at the Asness Summit on Modern Conflict and Emerging Threats in Nashville, former NSA director Tim Haugh and Kevin Mandia, a longtime cyber first responder and founder of a new AI cybersecurity venture, said Iran’s cyber operations have tended to rely less on novel capabilities than on exploiting basic security gaps — and then amplifying the results.
Source: https://therecord.media/iran-cyber-warfare-haugh
Related breach coverage
- Russia-linked hackers target Signal, WhatsApp of officials globally2026-03-09
Russia-linked hackers are targeting Signal and WhatsApp accounts of government and military officials worldwide, warns Dutch intelligence. Dutch intelligence agencies (MIVD and AIVD) warn of a global campaign by Russia-linked threat actors aiming to compromise Signal and WhatsApp accounts. The operation targets government officials, civil servants, and military personnel, highlighting growing cyber risks to sensitive […]
- Amazon Details Iran’s Cyber-Enabled Kinetic Attacks Linking Digital Spying to Physical Strikes2025-11-19
Amazon threat intelligence experts have documented two cases in which Iran leveraged hacking to prepare for kinetic attacks. The post Amazon Details Iran’s Cyber-Enabled Kinetic Attacks Linking Digital Spying to Physical Strikes appeared first on SecurityWeek.
- Anthropic: China-backed hackers launch first large-scale autonomous AI cyberattack2025-11-16
China-linked actors used Anthropic’s AI to automate and run cyberattacks in a sophisticated 2025 espionage campaign using advanced agentic tools. China-linked threat actors used Anthropic’s AI to automate and execute cyberattacks in a highly sophisticated espionage campaign in September 2025. The cyber spies leveraged advanced “agentic” capabilities rather than using AI only for guidance. Attackers […]
- Iran-linked actors use Telegram as C2 in malware attacks on dissidents2026-03-23
Iran-linked actors use Telegram as C2 to spread malware targeting dissidents and journalists, enabling surveillance and data theft. The FBI warns that Iran’s Ministry of Intelligence and Security (MOIS) runs cyber campaigns using Telegram as a command-and-control infrastructure to deliver malware. Threat actors target Iranian dissidents, journalists, and opposition groups worldwide. Once deployed, the malware […]