Feds Warn Healthcare Sector of Rising Iranian Cyberthreats

Geopolitical Conflict Involving Iran, Israel, US Ripe for Attacks on Sector

U.S. federal authorities are warning of increased risk of Iranian cyber and related threats against healthcare and public health sector organizations – including ransomware, distributed denial-of-service and other attacks related to that nation’s escalated conflicts with Israel and the United States.

“Iranian hacktivist groups may be operating more closely with state entities as Iran explores asymmetric responses to U.S. and Israeli actions,” said Phil Englert, vice president of medical device security at the Health Information Sharing and Analysis Center.

“This includes state-backed hacktivism, where pro-Iranian groups receive tools and resources from Iranian nation-state actors. Conversely, Iranian state-sponsored groups may pose as hacktivists to obscure attribution while targeting U.S. and Israeli critical infrastructure.”

Iran may support sympathetic hacktivist groups or create fake ones as fronts for state operations. One example is CyberAv3ngers, suspected of ties to Iran’s military, which attacked U.S. water treatment PLCs made by Israeli firm Unitronics in late 2023, he said.

APT35, a known Iranian threat actor, has conducted operations disguised as grassroots activism to complicate attribution, he said.

“Because the health sector is one of the core pillars of modern critical infrastructure, it is often targeted in politically motivated hacktivist campaigns aimed at attacking a nation,” said Denise Anderson, president of the Health-ISAC.

The current Iranian threats don’t just potentially affect healthcare and public sector entities directly in the U.S., but also their supply chains, as well as critical healthcare organizations outside the U.S., she said.

“When we’ve seen geopolitical tensions like this in the past, typical threats center around DDoS attacks and website defacements,” Anderson said.

“Given that many software security vendors operate out of Israel, disruptions to their services could also be a factor,” she said.

Read the article in Healthcare InfoSecurity.
