{"id":192104,"date":"2026-03-02T12:36:00","date_gmt":"2026-03-02T17:36:00","guid":{"rendered":"https:\/\/testing.news-you-need.com\/index.php\/2026\/03\/02\/intelligence-firms-watch-for-uptick-in-iran-cyber-activity-after-us-israel-strikes\/"},"modified":"2026-03-02T13:10:10","modified_gmt":"2026-03-02T18:10:10","slug":"intelligence-firms-watch-for-uptick-in-iran-cyber-activity-after-us-israel-strikes","status":"publish","type":"post","link":"https:\/\/testing.news-you-need.com\/index.php\/2026\/03\/02\/intelligence-firms-watch-for-uptick-in-iran-cyber-activity-after-us-israel-strikes\/","title":{"rendered":"Intelligence firms watch for uptick in Iran cyber activity after US, Israel strikes"},"content":{"rendered":"<p><a href=\"https:\/\/www.nextgov.com\/cybersecurity\/2026\/03\/intelligence-firms-watch-uptick-iran-cyber-activity-after-us-israel-strikes\/411802\/\">Intelligence firms watch for uptick in Iran cyber activity after US, Israel strikes<\/a><\/p>\n<p><a href=\"https:\/\/www.nextgov.com\/cybersecurity\/2026\/03\/intelligence-firms-watch-uptick-iran-cyber-activity-after-us-israel-strikes\/411802\/\">https:\/\/www.nextgov.com\/cybersecurity\/2026\/03\/intelligence-firms-watch-uptick-iran-cyber-activity-after-us-israel-strikes\/411802\/<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-03-02 12:36:00<\/a><\/p>\n<p>Source Domain: <a href=\"www.nextgov.com\">www.nextgov.com<\/a><\/p>\n<p>Author: <a href=\"\"><\/a><\/p>\n<p> Using an unordered list, summarize the following article with between 4 and 8 key points.<br \/>\nTehran-linked hackers are stepping up digital reconnaissance and preparing for potentially disruptive cyber activity following recent U.S. and Israeli strikes on Iran, cyber intelligence firms warn.The coordinated strikes and escalating tensions across the broader Middle East are setting the stage for a renewed phase of Iranian cyber operations, including espionage and possible attacks on U.S. critical infrastructure, they say.CrowdStrike has \u201cnot observed large-scale state-sponsored cyber campaigns\u201d but is seeing \u201ca surge in claimed activity from Iran-aligned and sympathetic hacktivist groups, including assertions of disruptive actions such as [denial-of-service] operations, defacements and alleged interference across targets in the Middle East, the United States and parts of Asia,\u201d said Adam Meyers, the firm\u2019s head of counter adversary operations.\u00a0Denial-of-service attacks seek to overwhelm a website with artificial traffic and knock it offline.At this point, much of the publicized hacks are claim-driven, but critical infrastructure and financial sector firms \u201cshould remain vigilant for follow-on activity that moves beyond nuisance-level disruption into more coordinated or destructive operations,\u201d he said.\u201cWe expect Iran to target the U.S., Israel, and Gulf Cooperation Council (GCC) countries with disruptive cyberattacks, focusing on targets of opportunity and critical infrastructure,\u201d said John Hultquist, the chief analyst at Google\u2019s Threat Intelligence Group.That said, Iran \u201chas historically had mixed results with disruptive cyberattacks, and they frequently fabricate and exaggerate their effects in an effort to boost their psychological impact,\u201d he added. \u201cThough they can have serious impacts on individual enterprises, it\u2019s important to take their claims with a grain of salt.\u201d\u00a0Industry research has previously documented these theatrics.U.S. officials said Monday the Iran operation was in its initial phases, with additional forces expected to be deployed to the Middle East\u00a0amid escalating attacks that risk inflating into a full-scale regional conflict.\u00a0Worldwide critical economic infrastructure is now a primary target for Iranian-tied hackers, according to Flashpoint findings emailed to Nextgov\/FCW. Pro-Iranian hacktivist groups claimed to have breached a major Jordanian grain silo company\u2019s control systems, including alleged manipulation of temperature controls and weighing systems, Flashpoint said. It\u2019s not clear if those claims are legitimate.Every U.S. multinational firm is at risk of being targeted, said Christopher Burgess, a former CIA official focused on cybersecurity, intelligence and technology. \u201cYou have to prepare by talking to your personnel in Abu Dhabi. You have to talk to your personnel in Kuwait. Your generic safety briefings no longer hold any water.\u201d\u201cIn the United States \u2026 we tend to see an event and we go, \u2018That can\u2019t happen to us,\u2019 and then we move on,\u201d he added. \u201cBut here\u2019s the question I\u2019d ask every company: If your personnel or your offices abroad lose water, power or communications for two weeks, what\u2019s your plan? What\u2019s your plan in the U.S. if that happens?\u201dThe war is expected to test U.S. cyber defenses, which have been significantly impacted in the last year amid broad workforce cuts across the federal government. A further diminished workforce in the Department of Homeland Security, which has not been fully funded for some two weeks, is also amplifying concerns.The Cybersecurity and Infrastructure Security Agency, the cyberdefense bureau housed in DHS, is operating with a reduced capacity. Some furloughed CISA workers are on standby orders, where they are directed to monitor work communications and prepare to potentially be called in, according to a current agency employee who spoke on the condition of anonymity due to fear of retribution.\u201cSome in the private sector are surprised that there\u2019s a furlough right now going on at CISA,\u201d said the employee, noting that it\u2019s uncertain when the agency will receive full funding again. \u201cIt feels like there\u2019s not a lot of push on either side [of the political aisle] to really come to a budget resolution immediately.\u201dSome Republicans have used the ensuing conflict to push Democrats to reach a DHS funding deal.\u00a0\u201cBecause of Democrats\u2019 refusal to fund DHS, the Cybersecurity and Infrastructure Security Agency (CISA) is operating at ~38% staffing,\u201d Tennessee Rep. Matt Van Epps said in an X post that linked earlier reporting from Nextgov\/FCW and Defense One. \u201cThis is putting our nation\u2019s critical infrastructure at risk, especially considering Tehran\u2019s history of retaliatory cyber attacks.\u201dDHS Secretary Kristi Noem\u00a0is expected to testify tomorrow before the Senate Judiciary Committee and may face questions about staffing at the cyber agency.\u201cI am in direct coordination with our federal intelligence and law enforcement partners as we continue to closely monitor and thwart any potential threats to the homeland,\u201d Noem said in a statement to Nextgov\/FCW.\u201cIranian regime-backed cyber actors continue to pose a serious threat to the United States and our allies, from probing our water utilities to running influence operations that undermine our democracy,\u201d House Homeland Security Committee chairman Rep. Andrew Garbarino, R-N.Y., said in a statement. \u201cCISA and its skilled personnel need to remain fully operational \u2014 and paid \u2014 to ensure our nation is ready to deter and respond to cyber threats against critical infrastructure across the public and private sectors.\u201d<\/p>\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Intelligence firms watch for uptick in Iran cyber activity after US, Israel strikes https:\/\/www.nextgov.com\/cybersecurity\/2026\/03\/intelligence-firms-watch-uptick-iran-cyber-activity-after-us-israel-strikes\/411802\/ Publish&#8230;<\/p>\n","protected":false},"author":1,"featured_media":192105,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/cdn.nextgov.com\/media\/img\/cd\/2026\/03\/02\/GettyImages_1201299221\/open-graph.jpg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[24],"class_list":["post-192104","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-cybersecurity"],"_links":{"self":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/192104"}],"collection":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=192104"}],"version-history":[{"count":1,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/192104\/revisions"}],"predecessor-version":[{"id":192106,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/192104\/revisions\/192106"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/192105"}],"wp:attachment":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=192104"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=192104"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=192104"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}