Clint Watts – General Manager, Digital Threat Analysis Center at Microsoft writes: “Rinse and repeat: Iran accelerates its cyber influence operations worldwide:
Iran continues to be a significant threat actor, and it is now supplementing its traditional cyberattacks with a new playbook, leveraging cyber-enabled influence operations (IO) to achieve its geopolitical aims.
Microsoft has detected these efforts rapidly accelerating since June 2022. We attributed 24 unique cyber-enabled influence operations to the Iranian government last year – including 17 from June to December – compared to just seven in 2021. We assess that most of Iran’s cyber-enabled influence operations are being run by Emennet Pasargad – which we track as Cotton Sandstorm (formerly NEPTUNIUM) – an Iranian state actor sanctioned by the US Treasury Department for their attempts to undermine the integrity of the 2020 US Presidential Elections.