Cybercrime Surge of 245% Linked to Iran War Escalation

Severity: High (Score: 77.0)

Sources: Theregister

Summary

Since the onset of the Iran war, cybercrime has surged by 245%, as reported by Akamai. The banking and fintech sectors are the most affected, accounting for 40% of the malicious traffic, followed by e-commerce (25%) and video games (15%). The increase includes a 70% rise in botnet-driven discovery traffic and a 65% rise in automated reconnaissance efforts. Notably, a US financial services firm blocked 13 million packets from Iran in the last 90 days, with significant spikes in traffic observed on February 9 and after the conflict began. While Iran accounted for 14% of the malicious traffic, Russia and China contributed 35% and 28%, respectively. Pro-Russian hacktivists are also expanding the attack surface in the Middle East, posing risks to regional infrastructure. The Iranian hacktivist group Handala has claimed responsibility for a destructive attack against Stryker, a medical technology company. Akamai advises organizations to enhance their defenses, especially those operating in vulnerable geographies. Key Points: • Cybercrime increased by 245% since the Iran war began, severely impacting banking and fintech. • Akamai reported a 70% rise in botnet-driven discovery traffic and a 65% rise in automated reconnaissance. • Pro-Russian hacktivists are expanding cyber threats in the Middle East, targeting critical infrastructure.

Key Entities

• Botnet (attack_type)
• DDoS (attack_type)
• Malware (attack_type)
• Stryker (company)
• China (country)
• Iran (country)
• Russia (country)
• Financial (industry)
• Healthcare (industry)
• Media (industry)
• Technology (industry)
• T1046 - Network Service Discovery (mitre_attack)
• T1090 - Proxy (mitre_attack)