
With the launch of Operation Lion’s Roar, a coordinated military strike against Iranian military sites, Iran has retaliated through various means, including missile and drone strikes.
Alongside these physical attacks,
This rise in cyber activity is part of Iran’s broader strategy to disrupt and degrade adversary infrastructures without further inflaming kinetic hostilities.
Iranian APT Activity In The Current Conflict
In the wake of the ongoing conflict, Iranian APT groups like MuddyWater, OilRig, and APT33 have ramped up their activities, focusing primarily on critical infrastructure sectors.
These groups have long been known for their cyber espionage campaigns targeting government agencies, energy companies, telecommunications providers, and critical infrastructure networks in the Middle East, Europe, and North America.
As geopolitical tensions increase, these cyber operations are expanding. Recent reports from Nozomi Networks indicate that, in this conflict’s early stages, APT groups have concentrated on the Manufacturing and Transportation sectors.
In many cases, these attacks have gone undetected by traditional Endpoint Detection and Response (EDR) solutions due to the sophisticated tactics used by these threat actors.
Once inside, they utilize living-off-the-land techniques, leveraging legitimate system tools to evade detection.
Similarly, OilRig and APT33 have employed a combination of spear-phishing, web shells, and custom malware to infiltrate targets and maintain persistence within networks, with a focus on government entities and energy sectors.
Evolving Threats and Tactics
These groups’ tactics evolve quickly, especially amid heightened conflict. In recent weeks, Nozomi Networks has observed a marked increase in attacks targeting infrastructure in the Middle East, with organizations particularly vulnerable due to outdated systems and unpatched vulnerabilities.
A significant portion of these vulnerabilities carry high or critical CVSS scores, making them prime targets for exploitation.
According to Nozomi Networks research, to mitigate these emerging threats, organizations must adopt a data-centric security strategy that emphasizes monitoring, vulnerability management, and timely updates.
These groups are abusing legitimate tools such as AzCopy, alongside other living-off-the-land techniques, to remain undetected while targeting high-value infrastructure.
Organizations that combine network visibility, robust segmentation, and a strong incident response plan will be better positioned to withstand these evolving threats and ensure operational continuity.
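As an added illustration of the monitoring the article recommends (example code written for this page, not Nozomi Networks' own tooling), the function below scans constructed Sysmon-style process-creation events for AzCopy launches that either run from a user-writable path or transfer data to an Azure storage account outside an assumed corporate allowlist. The event shape, the allowlist and the sample events are all constructed assumptions.

```python
import json
import re
from urllib.parse import urlparse

# Storage accounts the organisation legitimately copies to (constructed allowlist, an assumption).
ALLOWED_ACCOUNTS = {"corpbackup01.blob.core.windows.net"}

# Constructed process-creation events in a Sysmon-like JSON shape (not real telemetry).
SAMPLE_EVENTS = [
    '{"host":"hmi-01","user":"svc_backup","image":"C:\\\\Tools\\\\azcopy.exe",'
    '"cmdline":"azcopy.exe copy D:\\\\backups https://corpbackup01.blob.core.windows.net/nightly?sv=REDACTED"}',
    '{"host":"eng-ws-07","user":"jdoe","image":"C:\\\\Users\\\\jdoe\\\\AppData\\\\Local\\\\Temp\\\\azcopy.exe",'
    '"cmdline":"azcopy.exe copy C:\\\\Projects\\\\plc https://storage-ext-9x1.blob.core.windows.net/out --recursive"}',
    '{"host":"eng-ws-07","user":"jdoe","image":"C:\\\\Windows\\\\System32\\\\notepad.exe",'
    '"cmdline":"notepad.exe readme.txt"}',
]

# Any https URL on the command line; the hostname is checked against the allowlist below.
BLOB_URL = re.compile(r"https://[^\s\"']+", re.IGNORECASE)
# Locations a dropped copy of a legitimate tool commonly runs from (lowercased image path is matched).
USER_WRITABLE = re.compile(r"\\(appdata|temp|downloads|users\\public)\\")


def azcopy_findings(event_lines):
    """Return one finding per AzCopy process-creation event that matches at least one rule."""
    findings = []
    for line in event_lines:
        ev = json.loads(line)
        image = ev["image"].lower()
        if not image.endswith("azcopy.exe"):
            continue
        reasons = []
        if USER_WRITABLE.search(image):
            reasons.append("azcopy.exe launched from a user-writable path")
        for url in BLOB_URL.findall(ev["cmdline"]):
            host = (urlparse(url).hostname or "").lower()
            if host.endswith(".blob.core.windows.net") and host not in ALLOWED_ACCOUNTS:
                reasons.append(f"transfer involving non-allow-listed storage account {host}")
        if reasons:
            findings.append({"host": ev["host"], "user": ev["user"], "reasons": reasons})
    return findings


if __name__ == "__main__":
    for finding in azcopy_findings(SAMPLE_EVENTS):
        print(json.dumps(finding))
```

Only the second sample event is flagged: the backup service's copy to the allow-listed account is treated as expected activity, while the workstation launch from a Temp directory to an unknown account triggers both rules.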
The post Iranian APT Groups Target Critical Infrastructure Amid Geopolitical Tensions appeared first on Cyber Security News.
