At a glance.
- Iran integrates influence and cyber operations.
- ChatGPT use and misuse.
- Phishing reports increased by 34% in Q12023.
- HTML attacks double in one year.
- Discord Papers update.
- Cyberstrikes against civilian targets.
- War clause can't be invoked in NotPetya case: New Jersey court.
Iran integrates influence and cyber operations.
Microsoft has observed Iran making increasingly sophisticated attempts at influence operations. "Microsoft has detected these efforts rapidly accelerating since June 2022. We attributed 24 unique cyber-enabled influence operations to the Iranian government last year – including 17 from June to December – compared to just seven in 2021. We assess that most of Iran’s cyber-enabled influence operations are being run by Emennet Pasargad – which we track as Cotton Sandstorm (formerly NEPTUNIUM) – an Iranian state actor sanctioned by the US Treasury Department for their attempts to undermine the integrity of the 2020 US Presidential Elections." The new playbook is predictable but no less influential for its templated quality. A campaign begins with a "cyber persona" announcing and usually exaggerating a low-grade cyberattack. That announcement is then picked up, distributed, and amplified by inauthentic personae using the target audience's native language. "The goals of its cyber-enabled IO have included seeking to bolster Palestinian resistance, fomenting unrest in Bahrain, and countering the ongoing normalization of Arab-Israeli ties, with a particular focus on sowing panic and fear among Israeli citizens."