Potential damage to American critical infrastructure looms as a likely outcome in the ongoing Iran-Israel conflict

In the midst of the ongoing conflict between Israel and Iran, there has been a significant increase in cyber threats against critical infrastructure in Saudi Arabia, Jordan, and the United States, according to recent reports.

John Hultquist, chief analyst at Google Threat Intelligence Group, has warned that Iranian cyber activity could shift outside of the Middle East. Hultquist stated that Iran's cyber threat capability could reprioritise targets in the United States for action. This follows Hultquist's earlier statements about Iran-aligned groups targeting entities in both Israel and the U.S. in connection with the Gaza conflict.

These hacktivist groups employ a variety of tactics, including exploitation of vulnerable systems, targeted spear-phishing, and data collection. They are known for carrying out both disruptive and destructive attacks. Activist groups have already claimed to have disrupted Israeli radio stations, and security leaders in multiple sectors are raising concerns about a spike in Iran-linked threat activity.

Critical infrastructure organisations are advised to harden their networks, educate themselves about Iran-affiliated threat groups, and begin heightened monitoring for suspicious activity. The joint statement was issued by the Food and Ag-ISAC and IT-ISAC. Researchers also advise U.S. infrastructure providers to harden their defenses against both direct intrusions and supply chain attacks targeting their third-party vendors.

One of the most serious attacks targeted the U.S. water sector by exploiting flaws in Israeli-made industrial equipment. This incident underscores the need for vigilance and preparedness in the face of escalating cyber threats.

Scott Algeier, executive director of the Information Technology Information Sharing and Analysis Center and the Food and Agriculture Information Sharing and Analysis Center, stated that these actors are increasingly sophisticated and often overlap strategically with the goals of state-sponsored objectives.

Despite the increased threats, no states or organisations have publicly declared that they would use their cyberattack capabilities against critical infrastructures in the USA in connection with a potential outbreak of direct military clashes between Israel and Iran. Recent sources report military hostilities and ceasefires between Israel and Iran until June 2025, but do not mention any such cyber threat declarations targeting the USA.

Google has previously issued guidance on Iran-aligned groups targeting entities in both Israel and the U.S. in connection with the Gaza conflict. Radware's researchers have also reported the escalation of cyber threats against Israel and the U.S.'s Middle Eastern allies.

As the conflict between Israel and Iran continues, it is crucial for critical infrastructure organisations to remain vigilant and proactive in protecting their networks from potential cyber threats.