The ongoing US-Israel air strikes on Iran are likely to result in 'devastating' Iranian cyber attacks launched against American and allied critical infrastructure, claim experts.

That’s the stark warning of cyber risk analytics provider CyberCube, which believes American firms could soon face retaliatory cyber attacks - including ransomware - conducted by hacking groups linked to the crumbling Iranian regime.

In a blog post published yesterday, CyberCube assesses the level of risk that prolific Iranian hacking groups like APT33, MuddyWater and Fox Kitten pose to 1,000 large American businesses amid the Iranian war.

After using AI to better understand how these groups typically behave and their common targets, CyberCube found that 12 per cent of billion-dollar American firms across industries like banking, financial services, energy and utilities, oil and gas, healthcare, telecoms and the public sector are now vulnerable to Iranian cyber operations.

Of this percentage, 28 firms operate in the American healthcare sector, and 13 provide energy and utilities services in the US. American allies could also face a rise in Iranian cyber threat activity.

Despite acknowledging that an Iranian cyber attack launched against American or allied targets has yet to be confirmed since the start of the conflict between the US and Iran, Cyber Cube is now advising firms in vulnerable industries and the insurers they may turn to in the case of financial loss to take note.

In a media release, CyberCube said cyber insurance firms should replace “routine portfolio risk monitoring” with “a proactive posture across underwriting and exposure management”, given the likelihood of Iranian cyber attacks on US critical infrastructure firms being high.

CyberCube has also announced a new webinar in which it will explore how threat actors are leveraging AI as war unfolds in the Middle East and the implications this poses for cyber insurers. It’ll take place on March 26 at 4 pm GMT.

William Altman, director of cyber threat intelligence services at CyberCube and author of this new blog, added: “Insurance carriers should anchor expectations in Iran’s observed cyber playbook. U.S. government guidance has repeatedly warned that Iranian government-affiliated cyber threat actors target poorly secured networks and internet-connected devices, and that heightened vigilance is warranted for U.S. critical infrastructure and entities of interest.”

---